OpenBitcoinPrivacyProject wallet-ratings issues

OpenBitcoinPrivacyProject / wallet-ratings

Criteria for evaluating Bitcoin wallets' privacy properties.

GNU General Public License v2.0

47 stars 10 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

report clarification: who is our sample user?

#96 kristovatlas opened 8 years ago
1
enhancement: add wallet provider questionnaire document for 3rd edition

#95 kristovatlas opened 8 years ago
0
Countermeasure

#94 kristovatlas closed 8 years ago
0
possible new attack/countermeasure/criteria: network provider observes sensitive traffic such as bloom-related queries

#93 kristovatlas opened 8 years ago
0
Distinguish ecdh addresses

#92 kristovatlas closed 8 years ago
0
fix typos

#91 kristovatlas closed 8 years ago
0
clarify criteria concerning size/output value

#90 kristovatlas closed 8 years ago
0
Add additional acceptance criteria

#89 kristovatlas closed 8 years ago
0
Countermeasures

#88 justusranvier closed 8 years ago
0
Countermeasure: Ability for user to configure wallet client to point to their own balance lookup/broadcast server

#87 kristovatlas opened 8 years ago
2
break up criteria V B 1 a (2nd edition) for PII into multiple criteria

#86 kristovatlas opened 8 years ago
2
consider tor stream isolation as a countermeasure

#85 kristovatlas opened 8 years ago
1
(unprocessed) homomorphically encrypted values to thwart amount-based analysis

#84 kristovatlas opened 8 years ago
0
blockchain attack: optimal change heuristic

#83 kristovatlas opened 8 years ago
5
blockchain attack: shadow change heuristic

#82 kristovatlas closed 8 years ago
9
attacks and countermeasures: generalize queries for balance info to relevant blockchain data

#81 kristovatlas closed 8 years ago
2
Attack: Fingerprint client by observing first hop IP address

#80 kristovatlas opened 8 years ago
8
countermeasure: coinjoins can confound network analysis

#79 kristovatlas opened 8 years ago
2
countermeasure: use code source control with cryptographic integrity

#78 kristovatlas opened 8 years ago
1
criteria: prefix filter score function

#77 kristovatlas opened 8 years ago
1
countermeasure: sender provides txout proofs to alleviate some need for network query

#76 kristovatlas opened 8 years ago
0
countermeasure: slightly random mining fee

#75 kristovatlas opened 8 years ago
9
countermeasure: cut-through payments

#74 kristovatlas opened 8 years ago
0
Attack: Develop fingerprint of human user based on transaction characteristics

#73 kristovatlas closed 8 years ago
3
Network attack: Associate IP address with Bitcoin address during balance lookup by decrypting traffic in transit

#72 kristovatlas opened 8 years ago
4
Add Errata section to README for 2nd edition report

#71 kristovatlas closed 8 years ago
0
Add new attacks to threat model

#70 justusranvier closed 8 years ago
0
criteria: time for mixing

#69 kristovatlas opened 8 years ago
3
consider renaming physical adversary

#68 kristovatlas opened 8 years ago
1
inital commit for edition 3 report

#67 justusranvier closed 8 years ago
1
Attack/Countermeasure: Network observer or wallet provider monitors outgoing transactions

#66 kristovatlas closed 8 years ago
4
Backups and address reuse

#65 kristovatlas opened 8 years ago
3
Add raw data for edition 1 and 2 reports

#64 justusranvier closed 8 years ago
0
Disclosure of risks to users

#63 kristovatlas opened 8 years ago
5
Create and publish cryptographic checksum of weights before starting review of wallets

#62 kristovatlas opened 8 years ago
1
TODO: Review open issues for 1st edition and 2nd edition milestones

#61 kristovatlas opened 8 years ago
0
Attack: Attacker modifies code that is pushed to client before user can review

#60 kristovatlas closed 6 years ago
8
Number of transaction signers is leaked to blockchain in redeem script (e.g. traditional P2SH multisig)

#59 kristovatlas closed 8 years ago
11
Include temporal analysis attacks and countermeasures

#58 kristovatlas opened 8 years ago
7
Criteria refinement: Clearly define standards for telemetry based on what attacks it can aid

#57 kristovatlas opened 9 years ago
4
Feedback countermeasure: Warn user when viewing address seeds

#56 kristovatlas closed 8 years ago
3
May need more criteria related to querying the utxo set when spending

#55 kristovatlas closed 8 years ago
3
Better define criteria for open source code -- what if server end of client/server model is closed?

#54 kristovatlas closed 8 years ago
4
May need criteria for multisig wallets that hold 1or more private keys

#53 kristovatlas opened 9 years ago
6
Attack: Wallet Provider can correlate multiple accounts with cookies or other browser fingerprint

#52 kristovatlas closed 8 years ago
9
go thru this P-Todd writeup for possible attacks/countermeasures

#51 kristovatlas closed 8 years ago
1
distinguish criteria relating to legacy addresses vs ECDH addresses

#50 kristovatlas opened 9 years ago
4
possible countermeasure: allow user to connect to their own full node during wallet setup

#49 kristovatlas opened 9 years ago
2
Wallet should not generate network traffic before asking the user for proxy settings

#48 JeremyRand opened 9 years ago
7
Attack & Countermeasure: Malicious modification of binary during build process

#47 kristovatlas opened 9 years ago
6

Previous Next