I successfully double spended $400 of Bitcoin today - page 3.

EthanB

sr. member

Activity: 462

Merit: 336

Quote from: Possum577 on October 04, 2015, 11:50:49 PM

Quote from: EthanB on October 04, 2015, 09:51:19 PM

Some of my bitcoin got double-spent today. No loss from my side, but it certainly freaked me out.
Might have been you. Roll Eyes

Oh great. All we need is a this shit to spread and bitcoin will be finished. No one is going to use a payment system that has the real threat of inadvertently defrauding users.

What's being done to fix this?

Here's one article about a potential fix: http://bitcoinvista.com/2014/01/18/fixing-double-spending-why-bitcoin-is-revolutionary/

This is one of the reasons I have been studying bitcoin api, and improving my programming skills. Hopefully the Dev's get some more man-power to handle these things.

Possum577

sr. member

Activity: 434

Merit: 250

Loose lips sink sigs!

Quote from: EthanB on October 04, 2015, 09:51:19 PM

Some of my bitcoin got double-spent today. No loss from my side, but it certainly freaked me out.
Might have been you. Roll Eyes

Oh great. All we need is a this shit to spread and bitcoin will be finished. No one is going to use a payment system that has the real threat of inadvertently defrauding users.

What's being done to fix this?

Here's one article about a potential fix: http://bitcoinvista.com/2014/01/18/fixing-double-spending-why-bitcoin-is-revolutionary/

EthanB

sr. member

Activity: 462

Merit: 336

Quote from: turtlehurricane on October 04, 2015, 10:53:23 PM

Quote from: manselr on October 04, 2015, 10:50:20 PM

I haven't done anything with Bitcoin lately so I feel safe. I also only operate with Bitcoin core as well. I keep reading about this malleability problem and wonder when they will do something about this. It's a pretty serious thread. Will the LN help with this?

I'm glad someone else in this thread recognizes this is a serious problem. It's not a joke.

Bitcoin Core is already fixed, which means the code is out there to make this not an issue. Blockchain.info needs to patch this as soon as they can, tons of people must be freaking out.

I haven't been using my BlockChain since this has become a bigger wide-spread issue. Been using my Core and very sparingly.

turtlehurricane

full member

Activity: 197

Merit: 100

Quote from: manselr on October 04, 2015, 10:50:20 PM

I haven't done anything with Bitcoin lately so I feel safe. I also only operate with Bitcoin core as well. I keep reading about this malleability problem and wonder when they will do something about this. It's a pretty serious thread. Will the LN help with this?

I'm glad someone else in this thread recognizes this is a serious problem. It's not a joke.

Bitcoin Core is already fixed, which means the code is out there to make this not an issue. Blockchain.info needs to patch this as soon as they can, tons of people must be freaking out.

manselr

legendary

Activity: 868

Merit: 1006

I haven't done anything with Bitcoin lately so I feel safe. I also only operate with Bitcoin core as well. I keep reading about this malleability problem and wonder when they will do something about this. It's a pretty serious thread. Will the LN help with this?

EthanB

sr. member

Activity: 462

Merit: 336

Quote from: turtlehurricane on October 04, 2015, 10:02:39 PM

Blockchain.info needs to fix it. Bitcoin Core accounts for this now too.

Basically until a transaction gets confirmed its possible to broadcast another transaction using the same inputs, and if you put the fee alot higher than you have a good shot at getting confirmed first. This is very unusual and not 100% due to the malleability attack itself. The malleability attack makes the blockchain.info wallet software bug out so you can spend an input thats already been used in a transaction.

This can most definitely be used to rob during peer 2 peer trading... the malleability bug itself wont lose you Bitcoins, but this blockchain.info bug definitely could if you buy BTC from a untrustworthy source.

Did you double-spend your posts to get more activity? How do you have more activity than posts?

EDIT : wut https://gyazo.com/53f9ae994fa3c63e9dd38ede63469f75

brg444

hero member

Activity: 644

Merit: 504

Bitcoin replaces central, not commercial, banks

Bitcoin users not affected

turtlehurricane

full member

Activity: 197

Merit: 100

Blockchain.info needs to fix it. Bitcoin Core accounts for this now too.

Basically until a transaction gets confirmed its possible to broadcast another transaction using the same inputs, and if you put the fee alot higher than you have a good shot at getting confirmed first. This is very unusual and not 100% due to the malleability attack itself. The malleability attack makes the blockchain.info wallet software bug out so you can spend an input thats already been used in a transaction.

This can most definitely be used to rob during peer 2 peer trading... the malleability bug itself wont lose you Bitcoins, but this blockchain.info bug definitely could if you buy BTC from a untrustworthy source.

EthanB

sr. member

Activity: 462

Merit: 336

Some of my bitcoin got double-spent today. No loss from my side, but it certainly freaked me out.
Might have been you. Roll Eyes

BitcoinNewsMagazine

legendary

Activity: 1806

Merit: 1164

Coinkite says they solved the problem for their users "... As of today, all deposits into Coinkite accounts must receive one confirmation before we will use them in a new transaction. We have deployed new code that tracks these modified transactions, and when they get confirmed into blocks, we retroactively adjust our records and continue with the new transaction number in effect." Coinbase also says their customers are no longer affected I imagine they did the same.

--Encrypted--

copper member

Activity: 924

Merit: 1007

hee-ho.

Quote

People must be getting robbed today though, this is really dangerous.

wait for the transaction to get confirmed before leaving. problem solved.
also I've read that those attacks doesn't do anything more than that. you won't lose your btc or anything (cmiiw)

turtlehurricane

full member

Activity: 197

Merit: 100

For those that don't know there is a strange new 'attack' underway https://www.cryptocoinsnews.com/bitcoin-attack-coinkite-reports-malleability-attack-urges-caution/

When using blockchain.info wallet any transaction you sent gets sent twice, causing the balance to go negative, at least on the GUI. This is freaking out alot of people, including me when it first happened to me. I sent out around 5 BTC and then suddenly another 5 BTC were sent. Fortunately the remaining BTC were still there, the wallet just went negative even more when I sent those out.

Anyways, I sent 1.65 BTC to someone ( https://blockchain.info/tx/0ded68289e93a5db468293f106a8992e03e7125130340c9929a4e72add3c4b15?show_adv=true ) and it showed up on blockchain as usual, at which point the customer left. Before that transaction confirmed I sent 1.15 BTC to myself using the same input (accidentally, to get my btc out of my fucked up blockchain wallet), except I put a transaction fee 5X higher. The 2nd transaction confirmed before the 1st one did, and the $400 of BTC disappeared from the customer's wallet.

After much confusion, I sent the 1.65 BTC to the customer again after getting my BTC to a Bitcoin Core wallet and all is now well. People must be getting robbed today though, this is really dangerous. Blockchain.info needs to fix this asap. If I was dishonest I could have easily kept the Bitcoins, they were in my wallet and confirmed.

Topic: I successfully double spended $400 of Bitcoin today - page 3. (Read 3698 times)