Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-08-30 | compute full fees for refresh and spending | Florian Dold | |
2017-08-30 | don't stop injection early | Florian Dold | |
2017-08-30 | mark errata properly | Christian Grothoff | |
2017-08-29 | Footnote but Christian wanted this elsewhere | Jeffrey Burdges | |
2017-08-29 | Actualy this part has nothing to do with BOLT being fragile | Jeffrey Burdges | |
2017-08-29 | Rephrase BOLT fix | Jeffrey Burdges | |
2017-08-29 | Merge branch 'master' of ssh://taler.net/wallet-webex | Jeffrey Burdges | |
2017-08-29 | Errata: Statement about BOLT corrected | Jeffrey Burdges | |
Discussion : Christian & Florian, This is about the UI paper in SPACE, not the protocol paper with real crypto discussions. And the text in question never existed in the protocol paper. Ian, I'm the member of our team who looked into BOLT the most, mostly looking to see if any of the ideas helped us. I might manage to reconstruct more details later, but right now my description there sounds bizarre and wrong. In Taler, our denomination key expirations limit the exchange's liability to double its deposits, even in the case that its private keys are all compromised and used to create unbacked coins. In practice, offline ecash schemes lack this limit due to their decreased ability to rotate denomination keys. I do not see why I wrote that BOLT lacked this property: If I recall, both BOLT payment channel types are created with fixed initial value commitments. In particular, intermediaries have already committed the maximum funds they could transfer to each merchant. That would prevent unbacked transfers in the payment channel, and thus limit liability, even when the intermediary gets compromised. There is an anonymity cost if BOLT's approach limits the number of users in payment channels with each intermediary of course. I do not know if a compromised BOLT intermediary could complete payments to merchants while refunding customers, but even if so that's still not the sort of "unlimited" liability you get in offline ecash schemes. It's just the sort of 2x limit on liability that Taler provides. In BOLT, the x would be value committed to outgoing channels, while in Taler x is value deposited by customers, so I suppose the intermediary could technically be robbed of their money without seeing any incoming money. That's not "unlimited" though. It's limited by the intermediary's commitments to the network. I doubt I even thought about it this deeply though when I wrote that. I think once-upon-a-time I wanted to express some vague concern around intermediaries and anonymity sets in BOLT, but never thought about it clearly, and later managed to confuse myself with conventional ecash issues when discussing related work with Christian while we were writing this usability paper. Sorry for writing what appears to be nonsense! Jeff On Mon, 2017-08-28 at 21:10 +0200, Christian Grothoff wrote: > > -------- Forwarded Message -------- > Subject: bolt attack? > Date: Mon, 28 Aug 2017 18:49:43 +0000 > From: Ian Miers <imiers@cs.jhu.edu> > To: christian@grothoff.org <christian@grothoff.org> > > > > Hi, > Someone pointed me at a copy of your Taler paper from 2016 and pointed > out that it describes Bolt saying there "are numerous seemingly > fragile aspects of the BOLT protocol, including aborts deanonymizing > customers, *intermediaries risking unlimited losses,* and theft if a > party fails to post a refute message in a timely fashion." > > The unlimited loss to intermediaries comment surprised both them and > me. Are you referring to some specific attack or an issue involving > timeouts and delays? > > Thanks, > Ian | |||
2017-08-27 | version bump: 0.4.0-pre1 | Florian Dold | |
2017-08-27 | show error in create reserve dialog | Florian Dold | |
2017-08-27 | proper rounding for amount operations | Florian Dold | |
2017-08-27 | make sure that refreshing works after refund | Florian Dold | |
2017-08-27 | canonicalize account info JSON when collecting them | Florian Dold | |
2017-08-27 | node_modules | Florian Dold | |
2017-08-27 | better error report / retry prompt for failed payments | Florian Dold | |
2017-08-27 | implement refunds | Florian Dold | |
2017-08-25 | add rudimentary error reporting in a new tab | Florian Dold | |
2017-08-14 | remove file | Florian Dold | |
2017-08-14 | node_modules | Florian Dold | |
2017-08-14 | fix build system / types | Florian Dold | |
2017-08-14 | implement returning coins to user's account | Florian Dold | |
2017-08-09 | fix errors in injection | Florian Dold | |
Sometimes chrome reports a different URL for a tab than what it is internally displaying (e.g. for error pages). Previously this lead to a "scary" error message being logged. | |||
2017-07-20 | do not swallow errors | Florian Dold | |
2017-07-20 | Store bank account information for reserve. | Florian Dold | |
Fixes #4852. | |||
2017-07-19 | fix #5112 | Marcello Stanisci | |
2017-07-19 | Option to show the browser in selenium test; useful to debug. | Marcello Stanisci | |
2017-07-01 | consider client age in commpatibility check | Christian Grothoff | |
2017-06-28 | Fix #5095. | Marcello Stanisci | |
2017-06-27 | Adapt screen scraped withdrawing to new bank interface. | Marcello Stanisci | |
2017-06-27 | README | Marcello Stanisci | |
2017-06-06 | fix 'make dist', add changelog, version numbers for 0.3v0.3.0 | Florian Dold | |
2017-06-06 | fix timer typo | Florian Dold | |
2017-06-05 | wallet db version belongs with wallet, not webex | Florian Dold | |
2017-06-05 | pretty reset page | Florian Dold | |
2017-06-05 | properly implement db resetting | Florian Dold | |
2017-06-05 | don't also open history links in popup | Florian Dold | |
2017-06-05 | fix db dump page | Florian Dold | |
2017-06-04 | v0.2.8 | Florian Dold | |
2017-06-04 | check trust by key, not by URL | Florian Dold | |
2017-06-04 | warn about incompatible versions on withdraw | Florian Dold | |
2017-06-04 | v0.2.7 | Florian Dold | |
2017-06-04 | Add libtool version comparison module and tests | Florian Dold | |
2017-06-04 | v0.2.6 | Florian Dold | |
2017-06-04 | nicer auditor display on withdraw | Florian Dold | |
2017-06-04 | some UI fixes | Florian Dold | |
2017-06-04 | memidb work in progress | Florian Dold | |
2017-06-03 | missing property | Florian Dold | |
2017-06-03 | remove unnecessary/broken flatmap | Florian Dold | |
2017-06-03 | don't uglify, since it makes source maps too big | Florian Dold | |
2017-06-03 | remove obsolete header | Florian Dold | |