public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Tier Nolan <tier.nolan@gmail.com>
To: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Malleability and MtGox's announcement
Date: Mon, 10 Feb 2014 20:47:46 +0000	[thread overview]
Message-ID: <CAE-z3OUK0_8an3xAt3T1Sb_iFLNy=AWwiKZYnrURg_o=w0dmPg@mail.gmail.com> (raw)
In-Reply-To: <52F92CE3.7080105@olivere.de>

[-- Attachment #1: Type: text/plain, Size: 1449 bytes --]

On Mon, Feb 10, 2014 at 7:47 PM, Oliver Egginger <bitcoin@olivere.de> wrote:

> As I understand this attack someone renames the transaction ID before
> being confirmed in the blockchain. Not easy but if he is fast enough it
> should be possible. With a bit of luck for the attacker the new
> transaction is added to the block chain and the original transaction is
> discarded as double-spend. Right?
>

No, the problem was that the transaction MtGox produced was poorly
formatted.

It wouldn't cause a block containing the transaction to be rejected, but
the default client wouldn't relay the transaction or add it into a block.

This means that transaction stalls.

If the attacker has a direct connection to MtGox, they can receive the
transaction directly.

The attacker would fix the formatting (which changes the transaction id,
but doesn't change the signature) and then forward it to the network, as
normal.

The old transaction never propagates correctly.

Up to this point the attacker has nothing gained. But next the attacker
> stressed the Gox support and refers to the original transaction ID. Gox
> was then probably fooled in such cases and has refunded already paid
> Bitcoins to the attackers (virtual) Gox-wallet.
>

They sent out the transaction a second time.

The right solution is that the new transaction should re-spend at least one
of the coins that the first transaction spent.  That way only one can
possibly be accepted.

[-- Attachment #2: Type: text/html, Size: 2049 bytes --]

  parent reply	other threads:[~2014-02-10 20:47 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-10 12:28 [Bitcoin-development] Malleability and MtGox's announcement Pieter Wuille
2014-02-10 16:14 ` Troy Benjegerdes
2014-02-10 16:57   ` Nick Simpson
2014-02-10 18:02     ` Troy Benjegerdes
     [not found]   ` <CANOOu=_rQfRORmbEWz=1MVk9dK26ddiCeyeHMaua6iyioBUr4g@mail.gmail.com>
2014-02-10 17:54     ` Troy Benjegerdes
2014-02-10 19:47 ` Oliver Egginger
2014-02-10 20:40   ` Gregory Maxwell
2014-02-10 20:47   ` Tier Nolan [this message]
2014-02-10 20:55     ` Gregory Maxwell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAE-z3OUK0_8an3xAt3T1Sb_iFLNy=AWwiKZYnrURg_o=w0dmPg@mail.gmail.com' \
    --to=tier.nolan@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox