You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is my understanding that this fix never made it into Peercoin. Has this been addressed in Peershares?
Overview
Bitcoin protocol has an alert system to spread important news regarding the digital currency. Alerts are signed with a private ECDA key, so only the development team can issue new alerts. Alerts signatures are checked for every alert that is received. Each check takes some time, usually between 1 and 4 msecs. The verification time does not depend on the correctness of the signature. Therefore an attacker may flood a node with invalid alerts generated on-the-fly at no cost, and exhaust the victim's node CPU.
It is my understanding that this fix never made it into Peercoin. Has this been addressed in Peershares?
Overview
Bitcoin protocol has an alert system to spread important news regarding the digital currency. Alerts are signed with a private ECDA key, so only the development team can issue new alerts. Alerts signatures are checked for every alert that is received. Each check takes some time, usually between 1 and 4 msecs. The verification time does not depend on the correctness of the signature. Therefore an attacker may flood a node with invalid alerts generated on-the-fly at no cost, and exhaust the victim's node CPU.
References
CVE-2012-4683
Announcement
Gentoo bug
The text was updated successfully, but these errors were encountered: