Quote from: nelisky on August 03, 2010, 06:59:58 PM
Quote from: jgarzik on August 03, 2010, 06:12:28 PM
A good way to prevent long-chain takeover is to store the signature of the last-known “good” block in each bitcoin release binary.
But that is only as good as the trust you have in the distribution channels, which are being discussed in other threads. If a compromised client was to be served as an upgrade, and most running clients would be using this version, then a new chain would replace the old one. What would happen when, after some time, the attack was disclosed and new clients with the real block chain signatures were run? Would the old (real) chain still be alive and replace the bogus one?
We could convince satoshi to always post SHA1 signatures of uploads inside a PGP-signed blocks… establish a chain of trust for both source code and official binaries.