[stale2002]

O.o wow, that is way worse than I expected.

Do you have a source for where this was written up, or did you come up with this on your own?

I just want to be able to reference back to this in the future. So whenever you decide to publish, I'd love to check it out!

[earlz]

Actually it only seems to be a side effect of our test environment. Using a more realistic environment makes it not effective, sorry for the false alarm

[stale2002]

Hey thanks for the update!

But I'd encourage you to do a bit more investigation.

According to Bitcoin core, there is an inflation vulnerability.

https://bitcoincore.org/en/2018/09/20/notice/

So maybe you weren't too far off from independently discovering the vulnerability yourself.

Edit: apparently you were credited in discovering the vulnerability yourself in the very discloser that I linked.

Congrats!

[earlz]

The credit is currently wrong, it should belong to one of the developers on my team, David Jaenson.

My comment was an early disclosure before I fully understood how sensitive the details were. Even without going into detail or providing any code it was very irresponsible of me to off hand just mention that possibility. It didn't click how sensitive things were until a bitcoin core dev confirmed it. Sorry anyone who sees this. I merely reported the exploit, David Jaenson is our genius security researcher that definitely should deserve all credit.

[CVE-2018-17144]

Yeah. I'd rather you hadn't done that personally.