IETF Logo Mail Archive

Re: [CFRG] Bitcoin delenda est. Was: Escalation: time commitment to fix *production* security bugs for BLS RFC v4?

Daniel Franke <dfoxfranke@gmail.com> Mon, 26 April 2021 17:54 UTC

Return-Path: <dfoxfranke@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 574193A2AC8 for <cfrg@ietfa.amsl.com>; Mon, 26 Apr 2021 10:54:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ry-EvTEbclao for <cfrg@ietfa.amsl.com>; Mon, 26 Apr 2021 10:54:25 -0700 (PDT)
Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com [IPv6:2607:f8b0:4864:20::62a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A926A3A2AC9 for <cfrg@irtf.org>; Mon, 26 Apr 2021 10:54:25 -0700 (PDT)
Received: by mail-pl1-x62a.google.com with SMTP id h20so29358779plr.4 for <cfrg@irtf.org>; Mon, 26 Apr 2021 10:54:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Sved1EC+sHI7uVG57vTyfrllp412Hc4S70ub0AuTI+0=; b=Rw+s0i75mYh7duiKS+qIRFgsBakXcIW6r/ZG0ZZQmZCXxWbl0ZkWwpLIJW3PWvk0O8 CdqWsJjxpmSRpQjW2b28AFG6OMbY7qdyqS2a8UqNaTJ2JtQ2VfPheH3dT2tVpsHPy86G 5f/Dy4MLH6PyXdsP7CUsaXb9JJyIUXbBuSVhvw4fg5j+XyFQ9OTUnZ/tpnxYNPsRhBCL IoWlB5AROud/qPgbWuoJKTt2y1UWq9/E1PpSrr2aWrVyUDno7e8m3mao7BZgbGJaq3oh cdSTpRtoQF794w+8MYL5Za0BXWgrcPTXKxXAoSrbu3MlwqTDnIzDohNcwVpWbrih1nxj +FyA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Sved1EC+sHI7uVG57vTyfrllp412Hc4S70ub0AuTI+0=; b=HVynsrTrhvE5hmTDVa/Sf/rLlZEk0kwhX3eKPYk1WnzA7rvwIfHH1kMRqEqKE8u5ku WBDfiE2nldIGevIREzUt+3A9TFanEs8fcoCwEy2CcASuABHrY6WekcIx01vgMn9y3MdC dR7pTVk8aS3TQ6JPoM+YUcfyi2jAEYeFw7dgqS12iXUAINVamElepoR9p8ZHUIbC8Kzf 45DNUbFlTPhhUmUoqham43yWJSbn/lmRwMpeiCOiKzw4oHyPd3C26VU0wqNOBC/uAkP0 pe3500qXHZ64EReQOFkwEbnZowWVfj/7nBK/qXaVGZ99k7syjeFm11bJQSyDRMtbYws2 LFog==
X-Gm-Message-State: AOAM530Jc+Vkvgc/zmQ2bTIdoJfMU9KSRe+Pe2eaRF5+XnUGNYgqfoYC 23yOXrnIamcdNWNm2vmr2+pMScBDv1QFdRjdWxXgpE9BQzA=
X-Google-Smtp-Source: ABdhPJyz6PuoVlfbWp3zFSWHUDjpFoxLG0bBb0awvyHhbaX6ggQPXd9aTTS57bVHULPrALp05J8sVCt0LY9mxid8jVo=
X-Received: by 2002:a17:90a:150e:: with SMTP id l14mr285699pja.208.1619459664210; Mon, 26 Apr 2021 10:54:24 -0700 (PDT)
MIME-Version: 1.0
References: <CAAEB6g=tU=MF1_QKduEN55ft0rWe+7x0wBbywS083fJrjzP=XA@mail.gmail.com> <20210423195504.d6f74x4jsdrzagcc@muon> <CAAEB6g=dcsRKz6zm7F15F-uZ7Zfi_qF06KwQXmrireKEKZYHFg@mail.gmail.com> <49ca86ec6409217d60e3f2e94e3090ef2b571f80.camel@loup-vaillant.fr> <A1765592-7AF7-4F3A-8B22-C5BD6C059A7C@akamai.com> <CAMm+LwjKV3xT_2StxzL4X3BCeTpvwJBMmFMLQUw66xhQNkDNZA@mail.gmail.com>
In-Reply-To: <CAMm+LwjKV3xT_2StxzL4X3BCeTpvwJBMmFMLQUw66xhQNkDNZA@mail.gmail.com>
From: Daniel Franke <dfoxfranke@gmail.com>
Date: Mon, 26 Apr 2021 13:54:12 -0400
Message-ID: <CAJm83bB9CjYe6uBJ5W-AwFoUF0JF-qC6Ek0BCa-xSP_2_=N5VA@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000036c9705c0e3d6ae"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/qFc9GmLyO-BJY2HgigsXqR1ViLA>
Subject: Re: [CFRG] Bitcoin delenda est. Was: Escalation: time commitment to fix *production* security bugs for BLS RFC v4?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Apr 2021 17:54:30 -0000

On Mon, Apr 26, 2021 at 1:29 PM Phillip Hallam-Baker <phill@hallambaker.com>
wrote:

> As a human being living on a planet threatened by environmental damage
> from CO2 emissions, I am strongly opposed to any IETF work to support any
> form of purported 'cryptocurrency' that relies on any form of 'proof of
> work' or 'proof of waste'.
>
> The electricity requirements of cryptocurrencies have been larger than
> that of entire countries. This is an experiment that it is time to stop.
>
> I am entirely serious in this position.
>
>
> Besides the environmental issues, there is the fact that the
> crypto-currency community has consistently failed to establish any
> effective means of preventing the endemic frauds in their systems.
> Fraudulent exchanges regularly steal money from their customers.
> Applications developed by individuals with minimal expertise are used for
> transfers of vast quantities of fictional cash with no effective oversight
> and this results in further frauds.
>
> The cryptocurrency community has a long history of misrepresenting the
> engagement of parties with established reputations as endorsing their
> 'product'. And this presents real risk to the IETF when the least
> objectionable use of the product in question is to evade currency controls.
> Cryptocurrency became popular as a means of paying for illegal drugs and
> has since become the enabler for ransomware.
>
> The cryptocurrency world has no shortage of people who will trash anyone
> criticizing their activities as 'stupid', 'uninformed', 'need to do some
> research'. Fine, let them sort their own messes out.
>
> IETF should take no action that risks a headline 'IETF endorses
> cryptocurrency'. If the ransomware, child abuse and Ponzi scheme industries
> have a problem as a result of a bad technology decision, we should not lift
> a finger to save them.
>
>
> The only conversations I want to have on cryptocurrencies is with
> government regulators looking for ways to regulate these criminal
> facilitation enterprises out of existence as they previously did with
> eGold, Gold Age and BTC's very long line of predecessors which like BTC
> were entirely different but completely the same.
>

 I share your alarm at the economic waste and environmental harm inherent
in proof-of-work-based cryptocurrency. (I do not share your other
objections, and see great promise in permissioned and proof-of-stake-based
blockchains). But what does this have to do with the instant draft? We're
not specifying a proof-of-work function. We're specifying a pairing-based
signature scheme — something with myriad applications beyond
cryptocurrency. Your argument reminds me of demands that we compromise, or
not build, end-to-end encryption schemes because they will be useful to
terrorists. The IETF has categorically rejected those arguments. Why should
we accept yours?

v2.29.0 | Report a Bug | By Email | System Status