02:40 <bitcoin-git> [gui-qml] johnny9 opened pull request #447: qml: Fix handling of load wallet in controller (main...select-fix) https://github.com/bitcoin-core/gui-qml/pull/447

03:57 <bitcoin-git> [bitcoin] RiceChuan opened pull request #32022: docs: remove repetitive words (master...master) https://github.com/bitcoin/bitcoin/pull/32022

07:35 <bitcoin-git> [bitcoin] fanquake closed pull request #32022: docs: remove repetitive words (master...master) https://github.com/bitcoin/bitcoin/pull/32022

07:41 <laanwj> #31979 looks rfm to me

07:41 <corebot> https://github.com/bitcoin/bitcoin/issues/31979 | torcontrol: Limit reconnect timeout to max seconds and log delay in whole seconds by eval-exec · Pull Request #31979 · bitcoin/bitcoin · GitHub

07:45 <laanwj> the second "duplicate is" PR in a few days, did the bots learn something new

09:53 <bitcoin-git> [bitcoin] saikiran57 opened pull request #32023: removed duplicate call to GetDescriptorScriptPubKeyMan (master...remove_duplicate_getdescriptorscriptpubkeyman) https://github.com/bitcoin/bitcoin/pull/32023

11:58 <hebasto> laanwj: do you still have access to https://groups.google.com/g/bitcoin-translators?

12:54 <laanwj> hebasto: looks like i do!

14:57 <bitcoin-git> [bitcoin] Chand-ra opened pull request #32024: test: get rid of redundant TODO tag in fuzz tests (master...todo-v1) https://github.com/bitcoin/bitcoin/pull/32024

14:58 <zzz123> Hey what's up with the new DoS?

14:59 <zzz123> Pad found it and published exploit code on X: https://x.com/123456/status/1899101800701050931 and realistically he's pretty attractive for how elite he is at what he does. I'm definitely not him btw <nervous laughter>

15:00 <zzz123> Let's not give him credit. Social climbing in blockchain is more important than computer science, right Ava?

15:00 <zzz123> tl;dr pwned, again, happy to help kevin@envadr.io

15:16 <darosior> well, looks like he's so elite he pwned twitter too, post wont load

15:17 <bitcoin-git> [bitcoin] marcofleon opened pull request #32025: validation, fix: Use wtxid instead of txid in `CheckEphemeralSpends` (master...2025/03/fix-txid-to-wtxid) https://github.com/bitcoin/bitcoin/pull/32025

15:28 <bitcoin-git> [gui-qml] hebasto pushed 2 commits to main: https://github.com/bitcoin-core/gui-qml/compare/a8d15db5ac2c...fd54cd909afa

15:28 <bitcoin-git> gui-qml/main 93356a2 David Gumberg: doc: Add missing fedora dependency

15:28 <bitcoin-git> gui-qml/main fd54cd9 Hennadii Stepanov: Merge bitcoin-core/gui-qml#443: doc: Add missing fedora dependency

15:28 <bitcoin-git> [gui-qml] hebasto merged pull request #443: doc: Add missing fedora dependency (main...2-11-24-fedora-build-docs) https://github.com/bitcoin-core/gui-qml/pull/443

15:34 <laanwj> zzz123: please use security@bitcoincore.org to report vulnerabilities, posting them to public social media is irresponsible, and also many of us don't have x accounts

16:01 <bitcoin-git> [bitcoin] hebasto closed pull request #32024: test: get rid of redundant TODO tag in fuzz tests (master...todo-v1) https://github.com/bitcoin/bitcoin/pull/32024

16:06 <bitcoin-git> [qa-assets] dergoegge merged pull request #219: add pcp_request_port_map and natpmp_request_port_map inputs (main...main) https://github.com/bitcoin-core/qa-assets/pull/219

16:06 <bitcoin-git> [qa-assets] dergoegge pushed 2 commits to main: https://github.com/bitcoin-core/qa-assets/compare/733f70b21be2...757a13d6981a

16:06 <bitcoin-git> qa-assets/main 437b9fb marcofleon: add pcp_request_port_map and natpmp_request_port_map inputs

16:06 <bitcoin-git> qa-assets/main 757a13d Niklas Gögge: Merge pull request #219 from marcofleon/main

16:57 <bitcoin-git> [bitcoin] hebasto opened pull request #32027: cmake: Add `NO_CACHE_IF_FAILED` option for checking linker flags (master...250310-nocache) https://github.com/bitcoin/bitcoin/pull/32027

17:37 <bitcoin-git> [bitcoin] hebasto opened pull request #32028: Update `secp256k1` subtree to latest master (master...250310-secp-subtree) https://github.com/bitcoin/bitcoin/pull/32028

17:48 <zzz123> start syncing a fresh bitcoind and run this against it https://pastebin.com/raw/skn7DhP9 - edit your remote bitcoind ip into '127.0.0.1' in a text editor - install go - save this: https://pastebin.com/raw/skn7DhP9 as attack.go - and type 'go run attack.go' - and observe the sync slowdown. confirmed denial-of-service in the latest release

18:06 <darosior> What do people think of adding the "coinbasetxn" field to the getblocktemplate result? What's the reason it was never introduced in the first place?

18:06 <darosior> cc luke-jr ^

18:12 <sipa> darosior: i believe because it's something the pool should set, not bitcoind, but GBT never got traction for pool-to-hasher communication

18:13 <sipa> it can only be decided by bitcoind if it knows the payout addresses, for example

19:58 <zzz123> re: new dos - global resource limits on getdata associated w/ blocks. maybe a global 100ms throttle between requests.. rather than just per ip addr limits - restrict total bandwidth that can be dedicated to sharing block data. alternatively - dynamic serving that adjusts based on network conditions, e.g. nodes stressing each other and redirecting

19:58 <zzz123> new connections to healthy nodes with open slots? spitballing. what type of degradation if any would a patch for getdata block spam produce? dos attack code = https://pastebin.com/raw/skn7DhP9 - edit 127.0.0.1 to your remote bitcoind machine's ip, save as `whatever.go` and `go run whatever.go`