IRC meeting summary for 2016-01-28

Logs

• link to this week logs
• Meeting minutes by meetbot

Main topics

• Refactoring window
• outstanding issues for 0.12.0
• how does this new “critical” OpenSSL release affect us

Short topics

ajtowns has written some functional test scripts for OP_CSV which will be helpful for testing #7184(BIP 68) and #6564(BIP 112)

Refactoring window

background

jtimon asks when exactly this is and what it entails. Refactoring is moving code around to specific libraries or files to make things easier to read and to safely change parts of the code without affecting other parts.
Mainly these will be moves to facilitate libconsensus, the part that will hold all the consensus-critical code.

meeting comments

Wumpus is fine with starting to merge moveonly stuff.
The refactors might interfere with segregated witness, however waiting for it might cause the refactor window for 0.13 to be missed.

meeting conclusion

Refactor window is from now till -undecided-
Review #7091, #7287, #7310 and #7311

outstanding issues for 0.12.0

background

Bitcoin Core 0.12 is scheduled for release around February and introduces a lot of fixes and improvements. (release notes)
There’s a release candidate 0.12rc2 available at https://bitcoin.org/bin/bitcoin-core-0.12.0/test/

meeting comments

We need to sign the win32 release with a new key for win7+ as the current key uses sha-1 which is broken.
There’s still some controversy how the changes for priority should be noted in the release notes. e.g. #7346
gmaxwell points out we never did anything about the issues with localhost being whitelisted which might cause issues with the new automatic hidden service creation. This issue was raised in the 2015/12/03 meeting

meeting conclusion

There will be a new key, if it takes too long to get it someone else can sign it this time.
gmaxwell will change #7082 to only remove the privledging of localhost. The rest of the PR can be done for 12.1/0.13

how does this new “critical” OpenSSL release affect us

background

There’s a new openSSL release which fixes some security issues. https://mta.openssl.org/pipermail/openssl-announce/2016-January/000061.html
Question is if and how this affects bitcoin.
Since 0.12 bitcoin-core uses their own libsecp256k1 for ECDSA signature verification instead of openSSL.

meeting comments

BIP70 (Payment Protocol) might be affected.
The parts of core that still depend on openSSL are entropy, AES (wallet) and BIP70.
There’s a plan to replace openSSL for entropy with fortuna (build by sipa and gmaxwell), which needs to be build into a separate library.
There are many complications in making a safe random number generator, first among them is fork detection (fork= a unix operation which duplicates the entire process state which will lead to reuse of random numbers)
Wumpus notes openSSL has the same issues and we only have to be better than openSSL, also bitcoin never forks so the problem is mainly for other applications using the library.
It would be good if this was an effort which included non-bitcoin users (e.g. mailinglist & tor)

meeting conclusion

Long term goal is leaving openSSL only for BIP70.

Participants

wumpus           Wladimir J. van der Laan  
jonasschnelli    Jonas Schnelli  
gmaxwell         Gregory Maxwell  
petertodd        Peter Todd  
jtimon           Jorge Timón  
cfields          Cory Fields  
btcdrak          btcdrak  
Luke-Jr          Luke Dashjr  
paveljanik       Pavel Janik  
maaku            Mark Friedenbach  

Comic relief

19:47    wumpus           note also that bitcoin never forks

19:48    wumpus           gmaxwell: just add a disclaimer 'not fork safe'  
19:48    jonasschnelli    'not fork safe'? HF or SF....   
19:48    jonasschnelli    </funmode>