Hello,

What are these pre- and post-Hearn-relay drop rules you are speaking
about? Can anybody shed some light on this? (I am aware of the
minrelaytxfee setting proposed in the 0.11.0 release notes, I just
don't see what this has to do with Mike Hearn, BitcoinXT, and whether
there's a code change related to this that I missed).

Related: is there somewhere a chart that plots `estimatefee` over
time? Would be interesting to see how the fee market evolved over
these past weeks.

Regards
Arne

On 15/07/15 05:29, simongreen--- via bitcoin-dev wrote:

With my black hat on I recently performed numerous profitable
double-spend attacks against zeroconf accepting fools. With my
white hat on, I'm warning everyone. The strategy is simple:

tx1: To merchant, but dust/low-fee/reused-address/large-size/etc.
anything that miners don't always accept.

tx2: After merchant gives up valuable thing in return, normal tx
without triggering spam protections. (loltasticly a Mike Hearn
Bitcoin XT node was used to relay the double-spends)

Example success story: tx1 paying Shapeshift.io with 6uBTC output
is not dust under post-Hearn-relay-drop rules, but is dust under
pre-Hearn-relay-drop rules, followed by tx2 w/o the output and not
paying Shapeshift.io. F2Pool/Eligius/BTCChina/AntPool etc. are all
miners who have reverted Hearn's 10x relay fee drop as recommended
by v0.11.0 release notes and accept these double-spends.
Shapeshift.io lost ~3 BTC this week in multiple txs. (they're no
longer accepting zeroconf)

Example success story #2: tx1 with post-Hearn-relay drop fee,
followed by tx2 with higher fee. Such stupidly low fee txs just
don't get mined, so wait for a miner to mine tx2. Bought a silly
amount of reddit gold off Coinbase this way among other things. I'm
surprised that reddit didn't cancel the "fools-gold" after tx
reversal. (did Coinbase guarantee those txs?) Also found multiple
Bitcoin ATMs vulnerable to this attack. (but simulated attack with
tx2s still paying ATM because didn't want to go to trouble of good
phys opsec)

Shoutouts to BitPay who did things right and notified merchant
properly when tx was reversed.

In summary, every target depending on zeroconf vulnerable and lost
significant sums of money to totally trivial attacks with high
probability. No need for RBF to do this, just normal variations in
miner policy. Shapeshift claims to use Super Sophisticated Network
Sybil Attacking Monitoring from Blockcypher, but relay nodes !=
miner policy.

Consider yourself warned! My hat is whiter than most, and my skills
not particularly good.

What to do? Users: Listen to the experts and stop relying on
zeroconf. Black hats: Profit!

_______________________________________________ bitcoin-dev mailing
list bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
--
Arne Brutschy <abrutschy@xylon.de>
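
Added example (not part of either message, and not Bitcoin Core code): a merchant-side check that evaluates an unconfirmed payment against both relay-fee policies the thread contrasts and reports which one would refuse it. The fee floors (1,000 and 10,000 satoshis per kB), the dust formula, the 148-byte spend size and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed relay fee floors, satoshis per 1000 bytes: the lowered default
# and the 10x higher floor that some miners reverted to.
LOW_RELAY_FEE = 1_000
REVERTED_RELAY_FEE = 10_000
SPEND_INPUT_SIZE = 148  # assumed bytes needed to later spend an output


@dataclass
class TxOut:
    value: int       # satoshis
    script_len: int  # scriptPubKey length in bytes (25 for P2PKH)


def dust_threshold(out, relay_fee):
    """Assumed dust rule: 3x the fee to create and spend the output."""
    size = 8 + 1 + out.script_len + SPEND_INPUT_SIZE  # amount + len prefix + script
    return 3 * (relay_fee * size // 1000)


def policy_problems(outputs, fee, tx_size, relay_fee):
    """List the reasons a node with this relay fee floor would reject the tx."""
    problems = []
    if fee * 1000 < relay_fee * tx_size:
        problems.append("feerate below relay floor")
    for i, out in enumerate(outputs):
        if out.value < dust_threshold(out, relay_fee):
            problems.append(f"output {i} is dust")
    return problems


def zeroconf_risk(outputs, fee, tx_size, policies=(LOW_RELAY_FEE, REVERTED_RELAY_FEE)):
    """Return {relay_fee: problems} for each policy that would reject the tx."""
    report = {p: policy_problems(outputs, fee, tx_size, p) for p in policies}
    return {p: probs for p, probs in report.items() if probs}


# Constructed sample: a payment carrying an extra 6 uBTC (600 satoshi) output.
SAMPLE_OUTPUTS = [TxOut(5_000_000, 25), TxOut(600, 25)]

if __name__ == "__main__":
    # Non-empty result: do not treat the payment as final before confirmation.
    print(zeroconf_risk(SAMPLE_OUTPUTS, fee=10_000, tx_size=226))
```

A transaction that passes the lower floor but fails the higher one is exactly the kind that relays widely yet may never be mined, so a non-empty result is a reason to wait for a confirmation.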