https://bugzilla.redhat.com/show_bug.cgi?id=1020292

Warren Togami <wtogami@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|needinfo?(wtogami@xxxxxxxxx |
                   |)                           |

--- Comment #29 from Warren Togami <wtogami@xxxxxxxxx> ---
Sorry for the delay.

Long story short, upstream Bitcoin recommends extreme caution against shipping
Bitcoin linked against the heavily patched openssl that Fedora uses. Upstream
openssl has proven to be buggy and hazardous to consensus due to unexpected
behaviors on different architectures, and they do not have the bandwidth to
doubly check bug-for-bug compatibility with another variant that is Fedora's
openssl.

https://github.com/bitcoin/secp256k1

The next major release of Bitcoin within months will switch the consensus
critical portion of secp256k1 ECDSA signing and validation to a super optimized
and 2-year audited internal implementation that will be much safer.

The upstream recommendation is to HOLD on shipping Bitcoin in Fedora until the
new version is available. The possibility of breaking the Bitcoin network due
to a large quantity of nodes having a subtly different rule is not only a
hypothetical problem. The security issue recently fixed in BIP66 would have
been a way to break the network accidentally or intentionally.

There are other challenges in the build that will require discussion with
FESCo.

--
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review