From: Peter Todd <pete@petertodd.org>
To: Bitcoin-Dev <bitcoin-development@lists.sourceforge.net>
Subject: [Bitcoin-development] 2BTC reward for making probabalistic double-spending via conflicting transactions easy
Date: Wed, 15 May 2013 07:38:27 -0400 [thread overview]
Message-ID: <20130515113827.GB26020@savin> (raw)
[-- Attachment #1: Type: text/plain, Size: 1696 bytes --]
Now that I have the replace-by-fee reward, I might as well spread the
wealth a bit.
So for all this discussion about replace-by-fee and the supposed
security of zero-conf transactions, no-one seems to think much about how
in practice very few vendors have a setup to detect if conflicting
transactions were broadcast on the network simultaneously - after all if
that is the case which transaction gets mined is up to chance, so much
of the time you'll get away with a double spend. We don't yet have a
mechanism to propagate double-spend warnings, and funny enough, in the
case of a single txin transaction the double-spend warning is also
enough information to allow miners to implement replace-by-fee.
So I'm offering 2BTC for anyone who comes up with a nice and easy to use
command line tool that lets you automagically create one version of the
transaction sending the coins to the desired recipient, and another
version sending all the coins back to you, both with the same
transaction inputs. In addition to creating the two versions, you need
to find a way to broadcast them both simultaneously to different nodes
on the network. One clever approach might be to use blockchain.info's
raw transaction POST API, and your local Bitcoin node.
If you happen to be at the conference, a cool demo would be to
demonstrate the attack against my Android wallet. I'll buy Bitcoins off
of you at Mt. Gox rates + %10, and you can see if you can rip me off.
Yes, you can keep the loot. :) This should be videotaped so we can put
an educational video on youtube after.
--
'peter'[:-1]@petertodd.org
00000000000000bafd0a55f013e058cc2a672ee0c66b9265a02390d80e4748f5
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
next reply other threads:[~2013-05-15 11:38 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-15 11:38 Peter Todd [this message]
2013-05-15 12:19 ` [Bitcoin-development] 2BTC reward for making probabalistic double-spending via conflicting transactions easy Peter Todd
2013-05-15 13:31 ` Alan Reiner
2013-05-15 12:41 ` Melvin Carvalho
2013-05-15 13:00 ` [Bitcoin-development] double-spend deletes (or converts to fees) (Re: reward for making probabalistic double-spending via conflicting transactions easy) Adam Back
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130515113827.GB26020@savin \
--to=pete@petertodd.org \
--cc=bitcoin-development@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox