IETF Logo Mail Archive

Re: [CFRG] Bitcoin delenda est. Was: Escalation: time commitment to fix *production* security bugs for BLS RFC v4?

Soatok Dreamseeker <soatok.dhole@gmail.com> Tue, 27 April 2021 01:02 UTC

Return-Path: <soatok.dhole@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AD233A046A for <cfrg@ietfa.amsl.com>; Mon, 26 Apr 2021 18:02:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uc5hlO_XvVBv for <cfrg@ietfa.amsl.com>; Mon, 26 Apr 2021 18:01:58 -0700 (PDT)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10DC13A046E for <cfrg@irtf.org>; Mon, 26 Apr 2021 18:01:57 -0700 (PDT)
Received: by mail-wr1-x431.google.com with SMTP id k14so7782383wrv.5 for <cfrg@irtf.org>; Mon, 26 Apr 2021 18:01:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9CJPIGtqkkdgqrHKZphBk3gtA4vlhegF08Nzpi9oDGk=; b=hkGNF2SQkjX9WU5bamCdiMA7dMwrEt7KpDH6qo9zO66jIr2/7t9c/t9m4ddWchFeF+ 2J0Fv8OpZK/AVhAFu1TTIVIH4F89pySLuNwTuatx8itcecZvp0FZw7gCsONSgDTJ7QYA mvpjYq8Jg2SlrunZYqt4yB1S3Mak+5q39Gnc+SYjz7BZ5u5gLDAUUzeUylgisBRVumFc wsZHv9WsYAFhSy+2jfb/b27U5JbQ+dh8guy5Ddae3ed3t4e5uADP5BgSXXItT4DLvr4r qyq8odw3aZPoHziiXxLlhsHkMI6y8LDZaZH8QZ9sIUtkg+zZxSxReACRnROINgDldwFz Uppw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9CJPIGtqkkdgqrHKZphBk3gtA4vlhegF08Nzpi9oDGk=; b=n56Pt2GmV7IDBvBJ9X8P5YSXTnXUubpNpQLDYglN7T1anPTCzeFafGqX66Nq2WQquj 8zDx1ZlPhAL90FM1zCgF4/gSAP54x83njApSNBlxMwHZ4k/WOonHoqWSGDZNjRvczghH P1KiM+e324kbIh8S+kBwk/2WkXOgZpxZR7/IlSh0ZhaGxEF4/O7M6xVc0DwfRGIMzSK/ sJj2FQpUSkeBaqKtQTdsDxIjnd2dfhBoGjo7bi26T7d1+VNbaYPOHEOx4xkXcMSbxo8/ GpCNGCc4r/H3tD0UMJgC+JtbufpwQM+JorJvSoY+zOKk6UWjV+6Wwjl8/5gmVAeq7lOA UOzg==
X-Gm-Message-State: AOAM530VbTzvrzBs8gQbEeWnQfJhNsddT+vJPs3BYv27d3EWWqb1Cc5O j7Lt1mi0inhQwtAuw3eY8ckMCjVSKRsi7CRMrFM=
X-Google-Smtp-Source: ABdhPJx2m19V8Qbh1RBppbCN4vvuUtAakqyJVNX5K16RkYUTyP909Q9oj9oMSKm2u0nzwoFPnmwmBCqAKVcmhWVubaw=
X-Received: by 2002:adf:f707:: with SMTP id r7mr7592834wrp.54.1619485315377; Mon, 26 Apr 2021 18:01:55 -0700 (PDT)
MIME-Version: 1.0
References: <CAAEB6g=tU=MF1_QKduEN55ft0rWe+7x0wBbywS083fJrjzP=XA@mail.gmail.com> <20210423195504.d6f74x4jsdrzagcc@muon> <CAAEB6g=dcsRKz6zm7F15F-uZ7Zfi_qF06KwQXmrireKEKZYHFg@mail.gmail.com> <49ca86ec6409217d60e3f2e94e3090ef2b571f80.camel@loup-vaillant.fr> <A1765592-7AF7-4F3A-8B22-C5BD6C059A7C@akamai.com> <CAMm+LwjKV3xT_2StxzL4X3BCeTpvwJBMmFMLQUw66xhQNkDNZA@mail.gmail.com> <CAJU8_nVwtK2d6ofHGM+G+HvAhNQyx1VqmxYzXampCcJJ1ymZ6Q@mail.gmail.com> <CAHu1Y73Hm-2YdFje5EQ1uD8ZmtQvLVqjqZwkLszS8sWkhvBaow@mail.gmail.com> <F18706D8-6482-482E-81BB-3874EB5CEB67@shiftleft.org> <682600AC-4779-4849-AE64-8F002E227516@shiftleft.org>
In-Reply-To: <682600AC-4779-4849-AE64-8F002E227516@shiftleft.org>
From: Soatok Dreamseeker <soatok.dhole@gmail.com>
Date: Mon, 26 Apr 2021 21:01:45 -0400
Message-ID: <CAOvwWh0R8jW8FNMGr8ZGUeOLv66PVOuCVbenFT--c=GDaRT_EQ@mail.gmail.com>
To: Mike Hamburg <mike@shiftleft.org>
Cc: Michael Sierchio <kudzu@tenebras.com>, cfrg@irtf.org, "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f12c9505c0e9ce25"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/lzDRdSceE60CZkZi9eDM_KU4WAg>
Subject: Re: [CFRG] Bitcoin delenda est. Was: Escalation: time commitment to fix *production* security bugs for BLS RFC v4?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Apr 2021 01:02:03 -0000

I'm conflicted on the topic of cryptocurrency intersecting with
cryptography because of bad faith on one side (as this thread demonstrates)
and the risk of excessive gatekeeping on the other. (I have a blog post on
the topic [1] if anyone is interested.)

However, that's about cryptography in general.

In my opinion, it would be a very big mistake for the IETF to tacitly or
directly endorse any cryptocurrency project in 2021. (We can revisit this
when the technologies have had a chance to mature, become greener, and
on-chain privacy becomes ubiquitous.)

If there are security concerns about the BLS draft, that's worth fixing
irrespective of whether it impacts cryptocurrency or not. Fixing a security
concern that is only know to impact cryptocurrency is not sufficient to be
tacit endorsement or direct support, as there may be other unknown impacted
use cases. That's just good security engineering, and well within the
mission of CFRG.

Thus, I propose we end this thread before more irrelevant material gets
submitted. We can do the good thing without doing bad things.

[1]: https://soatok.blog/2021/04/19/a-furrys-guide-to-cryptocurrency/

On Mon, Apr 26, 2021, 4:24 PM Mike Hamburg <mike@shiftleft.org> wrote:

> Also, sorry for the double post, but according to
> https://digiconomist.net/ethereum-energy-consumption, Bitcoin energy
> consumption is up 37% year-on-year, and Ethereum is up by a factor of 5
> (!!!) year-on-year.  Something that's ~1% of human electricity consumption,
> and rising significantly year-on-year, is absolutely something to be
> concerned about.
>
> There are claims that this will somehow help us soak up surplus solar
> energy during the day, and be idle by night, but this is like
> Ethereum-proof-of-stake from my POV: until it actually happens at scale, I
> won’t trust it.
>
> Apologies again,
> — Mike
> _______________________________________________
> CFRG mailing list
> CFRG@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
>

v2.23.0 | Report a Bug | By Email