BitcoinTalk
Bitcoin and buffer overflow attacks

View Satoshi only

External link

I am convinced that the foundation of bitcoin (ie. the block chain) is secure from any non-nationally funded attack.  The only attack that makes me scared is a buffer overflow attack that steals the private keys in the wallet, however doesn't spend them.

If a significantly large attack happens to the block chain, we can always make a new branch that doesn't include the attack; with the theft of private keys, there is no easy recovery option, save (in the case of a massive attack), starting the block chain from 0 again.

As I'm not a security expert, I do not know how secure bitcoin is against this sort of attack.  However from my non-expert understanding direct to IP address transfers seems like a obvious surface area to attack.

Two questions: what attack areas dose the current bitcoin software have that could enable the theft of bitcoin private keys?
Secondly, what efforts can be taken to minimize the attack surface area of bitcoin?
I am convinced that the foundation of bitcoin (ie. the block chain) is secure from any non-nationally funded attack.  The only attack that makes me scared is a buffer overflow attack that steals the private keys in the wallet, however doesn't spend them.

If a significantly large attack happens to the block chain, we can always make a new branch that doesn't include the attack; with the theft of private keys, there is no easy recovery option, save (in the case of a massive attack), starting the block chain from 0 again.

As I'm not a security expert, I do not know how secure bitcoin is against this sort of attack.  However from my non-expert understanding direct to IP address transfers seems like a obvious surface area to attack.

Two questions: what attack areas dose the current bitcoin software have that could enable the theft of bitcoin private keys?
Secondly, what efforts can be taken to minimize the attack surface area of bitcoin?

I've always thought that the only known possible attacks could allow double spendin or freeze the whole network.

I doubt any attack could steal private keys, apart from conventionnal attacks to the file system.

But I'm not an expert at all.
this isn't about protocol attacks, eg double spend and freezing.  Rather implementation security weaknesses.
There is no way to be absolutely sure that there are no buffer overflow attacks. Although it would help to implement the client in a language that doesn't have buffer overflows because it checks array indices (Python, Java, C#, ...).
direct to IP address transfers seems like a obvious surface area to attack.
If you ever find anyone who turned it on.  It's disabled by default.

There is no way to be absolutely sure that there are no buffer overflow attacks. Although it would help to implement the client in a language that doesn't have buffer overflows because it checks array indices (Python, Java, C#, ...).
It's all STL.  There are almost no buffers.