Topic: Contrary to Mt.Gox’s Statement, Bitcoin is not at fault - Gavin Andresen 10/2/14 - page 3. (Read 13141 times)

Of course! Bitcoin has already done that a few time.

But even if the change makes total sense, and all miners agree to it, it is still something the devs try to avoid as much as possible. Because it renders all unupdated clients non-functionnal. One could say "they just had to update", but sometimes it is not easy. For example, I remember seeing a pool table which could accept bitoin payments to release the balls. It is embedded electronics. Updating that is not easy. In any case, it is bad PR to have some people's software break because of an update, even it is their own fault.

Thus the devs usually try to bunch such "breaking" changes in a single update to minimize the need for such updates, and only do it when a compelling problem requires it. The mutability problem had not been compelling enough before, but it is now.

There is always the possibility to create an alternative format and make it mandatory, starting with block 12345 some time in the future.

Obviously the clients would have to be able to process both the old format (before block 12345) and the new (block 12345 and beyond).

It is a fork, but it could be pre-announced well in time, if a large majority of miners agree.

Fundamentally, if the bitcoin algorithm could not be repaired and improved, it would die an early death.

Adding any new requirement would "break" the protocol. Changing the behavior of signature production/requiring a new field in the transaction indicating which input signed the txid, would make all old wallet/miners/clients/exchange software unoperative.

It would require forking the chain, because the blockchain does not actually contain that info. (I guess though the whole transaction signature might be dropped when the transaction is included in the chain; but then it would be only an "voluntary" rule enforced by miner to NOT include a mutated transaction by a third party.)

Anyway, such "breaking" behavior is generally undesirable. The devs were trying to come up with a unique "canonical" way to construct a transaction such as there is only ONE way to make a given transaction, so that the resulting txid is unique too. A pool recieving a non-canonical transaction would mutate it before inclusion. Software requiring specific txid would make sure of producing a canonical transaction.

That way we would introduce a new desirable behavior, without breaking anything.


In fact I feel it is EXACTLY that.

That, and that, any change cannot be made overnight. And requires a few month of developpement/testing/deployment before thinking of enforcing it. -> A very complicated process for a "non-bug", if people had read the specs and had not assumed txid were non-mutable.

(un)fortunately, the current crisis provides an opportunity to act much more quickly, because we already -do- have broken behavior, it can't get much worse. It can now be "spun" as a critical update that anybody must implement to continue to be able to use bitcoin.

Your BITCOINS have ALWAYS been safe.  What has not been safe, necessarily, is balances in exchanges, which are not actually Bitcoins, any more than your money in a bank is actually dollars.

Any random one, doesn't really matter as long as it can't be changed and can be verified, no?

A "good practice" could be to use that of the first or last input (to speed up verification). The (non-compulsory) ordering could be done when submitting (by the wallet) or when mining the transaction (as a courtesy from miners).

Any random one? Even with thousands of inputs an attacker wouldn't be able to sign a mutated ID with any of the inputs.

Looking around I actually get the feeling that one of the reasons why this minor issue was left on the shelf was because there's so many different people with so many possible different solutions.

Sign it with which private key?  A tx can (and usually does) have multiple inputs.

Why not sign the entire transaction including the TXID?

As always on technology, the name of the game is "shit happens", and the subtitle is "the question is when, not if".

Hopefully some here will have learned a lesson: bitcoin is technology.

Technology is not about finger pointing or religious faith, it's about finding issues, fixing issues and moving everyone forward.

Everyone will mess up technology sooner or later, that's a fact, just like everyone will trip and fall someday.
Communities should be about helping those that fall get back on their feet, not kick them while they're down.

Great to see key proponents cooperating on this issue!

from Bitcoin Foundation:
Update on Transaction Malleability
Gavin Andresen    Feb 11 2014

You may have noticed that some exchanges have temporarily suspended withdrawals and wondering what’s going on or more importantly, what’s being done about it. You can be rest assured that we have identified the issue and are collectively and collaboratively working on a solution.
 
Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software.
 
We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds.
 
Users of the reference implementation who are bitten by this bug may see their bitcoins “tied up” in unconfirmed transactions; we need to update the software to fix that bug, so when they upgrade those coins are returned to the wallet and are available to spend again. Only users who make multiple transactions in a short period of time will be affected.
 
As a result, exchanges are temporarily suspending withdrawals to protect customer funds and prevent funds from being misdirected.
 
Thanks for your patience. Follow us @BTCFoundation for updates as we learn more and make progress.




really interesting...  so MTGox was 100% right.

Also bitstamp.net temporarily suspended withdrawals...
https://www.bitstamp.net/article/bitcoin-withdraws-suspended/

Anyway, bitcoin foundation is working to find a quick and effective solution, so our bitcoins are safe

You are responsible for doing your own homework.  Nobody else is.

There be update.

https://bitcoinfoundation.org/blog/?p=422

I think maybe somebody, other than me because I'm lazy, should go through the forums and tally up all the GOXXXings.  I can think of at LEAST 3 big ones off the top of my head but I know there were more.

I'm just glad I stopped using Gox that last time I was "Goxxed" this past May. The hand writing has been on the wall since way before then. They need to die out before they do anymore damage to Bitcoin. How many times now has a crash, dip or negative Bitcoin media attention been preceded by some sort of Gox malfunction?

Not really.  All of these businesses are trying to make Bitcoin into something it is not (yet) and most of them took more or less the same easy, and somewhat ignorant, road to doing so.

If anyone based their accounting on the potentially mutable tx-id they were either ignorant of it's nature, or just flat out ignorant.  Either of these mistakes calls into question their viability as a financial services business.  Big time.  They'd probably fail for some other reason if not this.

Why do you feel that it's unlikely that two exchanges can't both do it wrong, independently?

Surely the fact that bitcoin-qt isn't affected lends weight to Gavin's statements?

Suspension of other exchanges now for the same problem discredits Gavin's initial statement that the fault was all with Gox. 

Gox had a foolish way of checking whether people had been paid or not.  It's not inherently Bitcoin's fault that they did that.  It was clear that people would change transaction IDs so I really do think it was Gox that messed up.  Sure, Bitcoin and the Foundation can change it but it's not like BTC was inherently flawed.  It can be changed to make it easier in the future though.  But this selling, I do blame totally on Gox and I don't think you can disagree.

Why can't you believe it?

Hopefully not. Can't believe they don't audit their balances continiously/from time to time an discover such drains just in time.