diff --git a/Projects/Pinata b/Projects/Pinata index 340c7db..7535224 100644 --- a/Projects/Pinata +++ b/Projects/Pinata @@ -12,9 +12,11 @@ client and a TLS server listening on a port. The total size, including TLS, X.509, TCP/IP, of the virtual machine image is 4MB, which is less than 4% of a comparable system using a Linux kernel and OpenSSL. -When a TLS handshake is successfully completed with mutual authentication, the -Piñata transmits the private key to a bitcoin wallet which initially contained -10BTC. In 2018, most of them will be reused for other projects. +When a TLS handshake with the Piñata is successful including mutual +authentication, the Piñata transmits the private key to a Bitcoin wallet which +initially contained 10BTC. The project started on February 10th 2015. Our +lender transferred on March 18th 2018 the 10BTC and repurposed them for other +projects. On startup, the Piñata generates its certificate authority on the fly, including certificates and private keys. This means that only the Piñata itself contains @@ -22,13 +24,11 @@ private keys which can authenticate successfully, and an attacker has to find an exploitable flaw in any software layer (OCaml runtime, virtual network device, TCP/IP stack, TLS library, X.509 validation, or elsewhere) to complete the challenge. -The Piñata is online since February 2015, and even though thousands of unique IP -addresses established connections and initiated TLS handshakes, no bitcoins were -taken. Looks like its security is decent or obscure enough. +The Piñata is online since February 10th 2015, and even though hundreds of +thousands of connections and initiated TLS handshakes, no Bitcoins were taken. By using a Bitcoin wallet, the Piñata is a transparent bug bounty. Everybody -can observe (by looking into the Bitcoin blockchain) whether it has been -compromised and the money has been transferred to another wallet. It is also -self-serving: when an attacker discovers a flaw, they don't need to fill out -any forms to retrieve the bounty, instead they can take the wallet, without any -questions asked. +can observe (by looking into the blockchain) whether it has been compromised and +the money has been transferred to another wallet. It is also self-serving: when +an attacker discovers a flaw, they don't need to fill out any forms to retrieve +the bounty, instead they can take the wallet, without any questions asked.