From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YwE83-00065w-7c for bitcoin-development@lists.sourceforge.net; Sat, 23 May 2015 18:26:35 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.100 as permitted sender) client-ip=62.13.148.100; envelope-from=pete@petertodd.org; helo=outmail148100.authsmtp.co.uk; Received: from outmail148100.authsmtp.co.uk ([62.13.148.100]) by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1YwE7z-0003Pe-EH for bitcoin-development@lists.sourceforge.net; Sat, 23 May 2015 18:26:35 +0000 Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237]) by punt15.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t4NIQPpR034637 for ; Sat, 23 May 2015 19:26:25 +0100 (BST) Received: from savin.petertodd.org (75-119-251-161.dsl.teksavvy.com [75.119.251.161]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t4NIQLHv059308 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Sat, 23 May 2015 19:26:24 +0100 (BST) Date: Sat, 23 May 2015 14:26:21 -0400 From: Peter Todd To: bitcoin-development@lists.sourceforge.net Message-ID: <20150523182621.GA12761@savin.petertodd.org> References: <20150212064719.GA6563@savin.petertodd.org> <20150504043601.GA14728@savin.petertodd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="rwEMma7ioTxnRzrJ" Content-Disposition: inline In-Reply-To: <20150504043601.GA14728@savin.petertodd.org> User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: 38242312-0179-11e5-9f74-002590a135d3 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXQZ1 LRkAXVBSFQB4ABUL BBgUUB08cABYeX95 e0RnX25aWkVlcE56 XU8aUWl4HAYcECYf VUlbdwsadwJIeFFG YlJ7VnAMY3gHZ31p WlZqMm10bDsAdGEN GltQfAobGB1WEmUq fR0aGTwkEAgPVmA9 IhFuNAZaRR5XaA13 eWAsQ1MfLgRaJgpl V0hRHCZSJBEPRjom AUoSGAY3FCZaCSFb HBAsQFdWCyZTUyxE HwNCRVkCGyJeTChO R35UTjEkB1syb11t eg4eLQo2Ght2eyYF BBseDmJeShI+OUwG HEolEyMgPEVyWl9P IlJy X-Authentic-SMTP: 61633532353630.1024:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 75.119.251.161/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1YwE7z-0003Pe-EH Subject: [Bitcoin-development] Replace-by-fee v0.10.2 - Serious DoS attack fixed! - Also novel variants of existing attacks w/ Bitcoin XT and Android Bitcoin Wallet X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 May 2015 18:26:35 -0000 --rwEMma7ioTxnRzrJ Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable My replace-by-fee patch is now available for the Bitcoin Core v0.10.2 release: https://github.com/petertodd/bitcoin/tree/replace-by-fee-v0.10.2 This release fixes a serious DoS attack present in previous releases. Upgrading is strongly recommended for relay nodes, and mandatory for miners. Users of Luke-Jr's gentoo distribution should either disable RBF until a patch is released, or run their node behind a patched node. Previously replacements that spent outputs the transactions they conflicted with would be accepted. This would lead to orphaned transactions in the mempool, a potential bandwidth DoS attack for relay nodes, and even worse, on mining nodes would cause Bitcoin to crash when CreateNewBlock() was called. Thanks goes to to Suhas Daftuar for finding this issue. Additionally, while investigating this issue I found that Andresen/Harding's relay doublespends patch=B9, included in Bitcoin XT=B2, also fails to verify that doublespends don't spend outputs of the transactions they conflict with. As the transactions aren't accepted to the mempool the issue is simply a variant of the bandwidth DoS attack that's a well-known issue of Bitcoin XT. However, interestingly in testing I found that Schildbach's Android Bitcoin Wallet=B3 fails to detect this case, and displays the transaction as a valid unconfirmed transaction, potentially leading to the user being defrauded with a doublespend. While a well-known issue in general - Schildbach's implementation trusts peers to only send it valid transactions and doesn't even detect doublespends it receives from peers - it's interesting how in this case the attacker doesn't need to also do a sybil attack. 1) https://github.com/bitcoin/bitcoin/pull/3883 2) https://github.com/bitcoinxt/bitcoinxt 3) https://play.google.com/store/apps/details?id=3Dde.schildbach.wallet --=20 'peter'[:-1]@petertodd.org 0000000000000000026ca21b4a83e1a818be96db4b532b7e9be2f60d47efff0a --rwEMma7ioTxnRzrJ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQGrBAEBCACVBQJVYMZIXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDAxMDcwNTFjNDhhYzA5NjNhN2QzM2I1M2Y3NTllMTVmNGNk ZDYyNDk5ZTAzMDcwZDUvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfv0RAf+OIqDXO1+sfD18Yjn7k0w2sn8 AfEgRvyZJ3d6XBT7REtM8wh6V0ljKx7bIrPPW91vQFl+4bIvWFnrMVfq4iRbLhd6 J9N26A7al+sMhO/UFpUl1BaMjMGkvt9Qi6aahcQxvNGn43ne4Rd09VvXwM8bsXDD Cnx2InWhvuPYDWWU3QHSr87xLUWCSRFUQncsMfUHibwHxCcPSrPDAcajqxCEnjV7 WT46A3e/sFCysGX06ujVUBEQ0jR+K/I+vF1HY9fQ2g90pYTcIgj8sP76XWHDtFjY POyOo+7bqBvP4+HD1hlBph3SoEd8yy9zKzj6ZB4bGrQcwv/+5mUBN3WfFwJzMg== =KUHR -----END PGP SIGNATURE----- --rwEMma7ioTxnRzrJ--