From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Uca2f-0000AZ-1E for bitcoin-development@lists.sourceforge.net; Wed, 15 May 2013 11:38:45 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.95 as permitted sender) client-ip=62.13.148.95; envelope-from=pete@petertodd.org; helo=outmail148095.authsmtp.com; Received: from outmail148095.authsmtp.com ([62.13.148.95]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1Uca2c-0004eH-R3 for bitcoin-development@lists.sourceforge.net; Wed, 15 May 2013 11:38:45 +0000 Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232]) by punt8.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r4FBca2f092805 for ; Wed, 15 May 2013 12:38:36 +0100 (BST) Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r4FBcRcK001208 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 15 May 2013 12:38:30 +0100 (BST) Date: Wed, 15 May 2013 07:38:27 -0400 From: Peter Todd To: Bitcoin-Dev Message-ID: <20130515113827.GB26020@savin> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="CdrF4e02JqNVZeln" Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: f793df3b-bd53-11e2-b10b-0025903375e2 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXgB1 LRkAXVBSFQZ4AB4L BRYUURk8cANYeX5u ZEFqQHFbVVt/fUFi QwAWERt0NgUzE2Af UUJYf01ReAFMMElC Y1MrAnBffDdTY3l9 RlY+ZXU7ZG1VbXwN GFxcdQlJHhsGRChm bSwpVS8iAkQfS209 KAZuL1cfHUAeel0o NlEoU1scMgQOCwYW E0ZQCitUYkIZSiwn DAVVFVAfGXVWRiFS BhwjPh5ODV4aRjBR AlBMQA0ODCVeGCRB Uyc1 X-Authentic-SMTP: 61633532353630.1019:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 76.10.178.109/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1Uca2c-0004eH-R3 Subject: [Bitcoin-development] 2BTC reward for making probabalistic double-spending via conflicting transactions easy X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 May 2013 11:38:45 -0000 --CdrF4e02JqNVZeln Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Now that I have the replace-by-fee reward, I might as well spread the wealth a bit. So for all this discussion about replace-by-fee and the supposed security of zero-conf transactions, no-one seems to think much about how in practice very few vendors have a setup to detect if conflicting transactions were broadcast on the network simultaneously - after all if that is the case which transaction gets mined is up to chance, so much of the time you'll get away with a double spend. We don't yet have a mechanism to propagate double-spend warnings, and funny enough, in the case of a single txin transaction the double-spend warning is also enough information to allow miners to implement replace-by-fee. So I'm offering 2BTC for anyone who comes up with a nice and easy to use command line tool that lets you automagically create one version of the transaction sending the coins to the desired recipient, and another version sending all the coins back to you, both with the same transaction inputs. In addition to creating the two versions, you need to find a way to broadcast them both simultaneously to different nodes on the network. One clever approach might be to use blockchain.info's raw transaction POST API, and your local Bitcoin node. If you happen to be at the conference, a cool demo would be to demonstrate the attack against my Android wallet. I'll buy Bitcoins off of you at Mt. Gox rates + %10, and you can see if you can rip me off. Yes, you can keep the loot. :) This should be videotaped so we can put an educational video on youtube after. --=20 'peter'[:-1]@petertodd.org 00000000000000bafd0a55f013e058cc2a672ee0c66b9265a02390d80e4748f5 --CdrF4e02JqNVZeln Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBCAAGBQJRk3OzAAoJECSBQD2l8JH73jQH/0ocmPRauMEAnWWggVPTHaO5 rLRvPQRISz0Z6e50JnKoo3djn6kak/dj/p3TPYzg+0Pa/uHsSNVYe6S/l53s7Ew3 t2zjPO6ONIwISzjNCEsf66/1gWIaSMR5bNJdjEWiIz/0UkclYd3t6AQIUQKlZKBY MOPS+G3i/hoVv1Kk4bUy8fpWIqW5bsLruHlBe7IV0H144CsWq1pqpmel6PEX9jps IT7lCy5s+999t4qseNvnJDHmYCauqFCtFcLYhfYdpXMoxGd1Op5C7wY4CAzxBAM5 Zo+g6J6hWrzz5ziu70/pQoLElaRcc2wGP7kFl7UM5ZeQQSxuAbK1TOzBTejF5SY= =4vYf -----END PGP SIGNATURE----- --CdrF4e02JqNVZeln--