Topic: [IMP] Malleability : Attack scheme - page 2. (Read 5525 times)

I hereby propose the following scheme for an attack against an exchange/organisation using txid to track payments :

So if I was the attacker then this is how I would go :

1) Buy some btc with cash from the exchange
2) Try to withdraw it using malleable transactions (for this I would need to make some arrangements)
3) Claim I have not received it and try to get them to send it again
4) Repeat steps 1-3 using different ips and accounts using small amounts so as to make the trace hard to detect.

Attack successful. If not get more than the amount of BTC I should get, it will at least bring the exchange/processor to a halt.

Win win win !!

Or am I missing something ? Would like to know if this is possible from the core devs/experts ?

PS : Obviously this would be successful with an exchange/processor who is using txid for his system. Otherwise the above fails.

UPDATE : For a network level attack against such entities relying on txid see response below https://bitcointalksearch.org/topic/m.5063789

UPDATE 2 : I think this is the same situation described by the update above : http://www.coindesk.com/massive-concerted-attack-launched-bitcoin-exchanges/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+CoinDesk+%28CoinDesk+-+The+Voice+of+Digital+Currency%29 . I'd really like to know if they are not the same. So basically the exchanges are/were delaying to counter such an attack, if I'm not mistaken. I'd really like to know if I am making a logical jump here, since of the devs (not gonna name him for ethical reasons/was a pvt conversation) would keep saying that this is far from the issue. I'd just like to know how.