ACK Armory used to contain code for handling these alerts but that was removed after the PR removing alerts from Bitcoin Core was merged.
On 9/9/2016 8:42 PM, Gregory Maxwell via bitcoin-dev wrote: > The alert system was a centralized facility to allow trusted parties > to send messages to be displayed in wallet software (and, very early > on, actually remotely trigger the software to stop transacting). > > It has been removed completely in Bitcoin Core after being disabled for a > while. > > While the system had some potential uses, there were a number of > problems with it. > > The alert system was a frequent source of misunderstanding about the > security model and 'effective governance', for example a years ago a > BitcoinJ developer wanted it to be used to control fee levels on the > network and few months back one of Bloq's staff was pushing for a > scheme where "the developers" would use it to remotely change the > difficulty-- apparently with no idea how abhorrent others would find > it. > > The system also had a problem of not being scalable to different > software vendors-- it didn't really make sense that core would have > that facility but armory had to do something different (nor would it > really make sense to constantly have to maintain some list of keys in > the node software). > > It also had the problem of being unaccountable. No one can tell which > of the key holders created a message. This creates a risk of misuse > with a false origin to attack someone's reputation. > > Finally, there is good reason to believe that the key has been > compromised-- It was provided to MTGox by a developer and MTGox's > systems' were compromised and later their CEO's equipment taken by the > Japanese police. > > In any case, it's gone now in Core and most other current software-- > and I think it's time to fully deactivate it. > > I've spent some time going around the internet looking for all > software that contains this key (which included a few altcoins) and > asked them to remove it. I will continue to do that. > > One of the facilities in the alert system is that you can send a > maximum sequence alert which cannot be overridden and displays only a > static key compromise text message and blocks all other alerts. I plan > to send a triggering alert in the not-distant future (exact time to be > announced well in advance) feedback on timing would be welcome. > > There are likely a few production systems that automatically shut down > when there is an alert, so this risks some small one-time disruption > of those services-- but none worse than if an alert were sent to > advise about a new system upgrade. > > At some point after that, I would then plan to disclose this private > key in public, eliminating any further potential of reputation attacks > and diminishing the risk of misunderstanding the key as some special > trusted source of authority. > > Cheers, > _______________________________________________ > bitcoin-dev mailing list > [email protected] > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev _______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
