From: Adrian Macneil <adrian@coinbase.com>
To: simongreen@airmail.cc
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Significant losses by double-spending unconfirmed transactions
Date: Wed, 15 Jul 2015 10:01:56 -0700 [thread overview]
Message-ID: <CAMK47c91-4FSAWhBaGvAtDZhxWt4ZyKAOKnZO2tC4iewmfYyYA@mail.gmail.com> (raw)
In-Reply-To: <24662b038abc45da7f3990e12a649b8a@airmail.cc>
[-- Attachment #1: Type: text/plain, Size: 2758 bytes --]
> With my white hat on
> Shapeshift.io lost ~3 BTC this week in multiple txs
I assume as a self proclaimed "white hat", you contacted the relevant
companies and returned their funds? Theft is still theft, regardless of
whether you are doing it for research or not.
On Tue, Jul 14, 2015 at 8:29 PM, simongreen--- via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> With my black hat on I recently performed numerous profitable double-spend
> attacks against zeroconf accepting fools. With my white hat on, I'm warning
> everyone. The strategy is simple:
>
> tx1: To merchant, but dust/low-fee/reused-address/large-size/etc. anything
> that miners don't always accept.
>
> tx2: After merchant gives up valuable thing in return, normal tx without
> triggering spam protections. (loltasticly a Mike Hearn Bitcoin XT node was
> used to relay the double-spends)
>
> Example success story: tx1 paying Shapeshift.io with 6uBTC output is not
> dust under post-Hearn-relay-drop rules, but is dust under
> pre-Hearn-relay-drop rules, followed by tx2 w/o the output and not paying
> Shapeshift.io. F2Pool/Eligius/BTCChina/AntPool etc. are all miners who have
> reverted Hearn's 10x relay fee drop as recommended by v0.11.0 release notes
> and accept these double-spends. Shapeshift.io lost ~3 BTC this week in
> multiple txs. (they're no longer accepting zeroconf)
>
> Example success story #2: tx1 with post-Hearn-relay drop fee, followed by
> tx2 with higher fee. Such stupidly low fee txs just don't get mined, so
> wait for a miner to mine tx2. Bought a silly amount of reddit gold off
> Coinbase this way among other things. I'm surprised that reddit didn't
> cancel the "fools-gold" after tx reversal. (did Coinbase guarantee those
> txs?) Also found multiple Bitcoin ATMs vulnerable to this attack. (but
> simulated attack with tx2s still paying ATM because didn't want to go to
> trouble of good phys opsec)
>
> Shoutouts to BitPay who did things right and notified merchant properly
> when tx was reversed.
>
> In summary, every target depending on zeroconf vulnerable and lost
> significant sums of money to totally trivial attacks with high probability.
> No need for RBF to do this, just normal variations in miner policy.
> Shapeshift claims to use Super Sophisticated Network Sybil Attacking
> Monitoring from Blockcypher, but relay nodes != miner policy.
>
> Consider yourself warned! My hat is whiter than most, and my skills not
> particularly good.
>
> What to do? Users: Listen to the experts and stop relying on zeroconf.
> Black hats: Profit!
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
[-- Attachment #2: Type: text/html, Size: 3604 bytes --]
next prev parent reply other threads:[~2015-07-15 17:01 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-15 3:29 [bitcoin-dev] Significant losses by double-spending unconfirmed transactions simongreen
2015-07-15 14:35 ` Tom Harding
2015-07-15 15:18 ` Peter Todd
2015-07-15 15:49 ` Me
2015-07-15 15:53 ` Bastiaan van den Berg
2015-07-15 15:59 ` Peter Todd
2015-07-15 16:06 ` Me
2015-07-15 16:11 ` Pieter Wuille
2015-07-15 16:41 ` Me
2015-07-15 16:12 ` Milly Bitcoin
2015-07-15 18:25 ` Matthieu Riou
2015-07-15 19:32 ` Peter Todd
2015-07-15 19:57 ` Milly Bitcoin
2015-07-16 0:08 ` Matthieu Riou
2015-07-16 5:18 ` odinn
2015-07-17 11:59 ` Peter Todd
2015-07-17 12:56 ` Milly Bitcoin
2015-07-15 17:01 ` Adrian Macneil [this message]
2015-07-16 14:30 ` Arne Brutschy
2015-07-16 14:50 ` Me
2015-07-16 15:33 ` Greg Schvey
2015-07-18 11:43 ` Mike Hearn
2015-07-18 15:09 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMK47c91-4FSAWhBaGvAtDZhxWt4ZyKAOKnZO2tC4iewmfYyYA@mail.gmail.com \
--to=adrian@coinbase.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=simongreen@airmail.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox