Pages:
Author

Topic: Malleability counter attack : Malleate to LowS instead of dropping HighS (Read 3644 times)

hero member
Activity: 714
Merit: 662
Just as quick update, the mutation rate over the last 1373396 transactions (about 8 days) for me was 0.9899 %.

I know that coinprism (Open Asset, colored coin wallet) is using an old version of bitcoinjs which create HighS, but now they fix it on the backend to LowS.
I don't think open asset account for a lot, but the malleability attack pushed services to update.
legendary
Activity: 1106
Merit: 1026
Just as quick update, the mutation rate over the last 1373396 transactions (about 8 days) for me was 0.9899 %.
legendary
Activity: 1260
Merit: 1019
It would kick my bot ! Cheesy
I think we have invented new game similar to https://en.wikipedia.org/wiki/Core_War  Grin

ALIEN VS. PREDATOR Mutator vs Malleator. See on every cinema bitcoin client in November '15
hero member
Activity: 714
Merit: 662
Craft a redeem script " OP_EQUALVERIFY", spend it. The mutator will create an invalid transaction which will ban him from the network. Now, you look in your banlist and collect the IP.

For information, my node which is currently malleating HighS to LowS detects around 2 and 4% of HighS signatures.

What if the inner p2sh (redeem) script is the

OP_2DUP OP_EQUAL OP_IF OP_RETURN OP_ENDIF OP_2 OP_2 OP_CHECKMULTISIG

and the scriptSig is
OP_0

It would kick my bot ! Cheesy

For information, my node which is currently malleating HighS to LowS detects around 2 and 4% of HighS signatures.

I started to track the numbers earlier the day, and I currently see about 3.5 %.

It would be interesting to know at which percentage the mutated transactions are mined. Did you gather some stats about this already?

Recently, these are the mutations I've seen: http://bitwatch.co/uploads/mutations-2015-10-18.log (not 100 % online)

I just ran again my mutator, the stat I gather is only the % of mutated and show it every 1000 tx. Boring stuff except when a bot go rampage and mutate 30% of them.
legendary
Activity: 1106
Merit: 1026
For information, my node which is currently malleating HighS to LowS detects around 2 and 4% of HighS signatures.

I started to track the numbers earlier the day, and I currently see about 3.5 %.

It would be interesting to know at which percentage the mutated transactions are mined. Did you gather some stats about this already?

Recently, these are the mutations I've seen: http://bitwatch.co/uploads/mutations-2015-10-18.log (not 100 % online)
legendary
Activity: 1260
Merit: 1019
Craft a redeem script " OP_EQUALVERIFY", spend it. The mutator will create an invalid transaction which will ban him from the network. Now, you look in your banlist and collect the IP.

For information, my node which is currently malleating HighS to LowS detects around 2 and 4% of HighS signatures.

What if the inner p2sh (redeem) script is the

OP_2DUP OP_EQUAL OP_IF OP_RETURN OP_ENDIF OP_2 OP_2 OP_CHECKMULTISIG

and the scriptSig is
OP_0
hero member
Activity: 714
Merit: 662
For information, my node which is currently malleating HighS to LowS detects around 2 and 4% of HighS signatures.
legendary
Activity: 1260
Merit: 1019
Also, the transaction you show me is not P2SH. The term "redeem script" always implies P2SH.
Wat?
hero member
Activity: 714
Merit: 662
Also, the transaction you show me is not P2SH. The term "redeem script" always implies P2SH.
hero member
Activity: 714
Merit: 662
Quote
(note: bc.i parses it incorrect)
Yes, bc.i does not accept OP_RETURN either.
Quote
But it is non-standard and there is no miner today who can confirm it.
Nop.
Standard script rules relaxed for P2SH addresses

Too lazy to find the exact commit though. :p
legendary
Activity: 1260
Merit: 1019
No, arbitrary redeem script are standard since 0.10.
This is not true.

Look to this transaction:
https://blockchain.info/tx/6f1da8a16b067110be35690ca31dc6e483dcf908e83acfa44308bb03c70e3567
It has "arbitrary redeem script" (note: bc.i parses it incorrect)
But it is non-standard and there is no miner today who can confirm it.
hero member
Activity: 714
Merit: 662
Craft a redeem script " OP_EQUALVERIFY", spend it.
This is non-standard script. Your peers will ignore it. Miners should ignore it also even get this tx.

No, arbitrary redeem script are standard since 0.10.
legendary
Activity: 1260
Merit: 1019
I was kind of surprised, because everytimes I send "inv" a transaction, no node seems to know it and all ask the payload.
You are the only person who modify transactions today. My bot is paused for a long time.

Craft a redeem script " OP_EQUALVERIFY", spend it.
This is non-standard script. Your peers will ignore this tx. Miners should ignore it also even get this tx.
hero member
Activity: 714
Merit: 662
Quote
I'm running the "seed" branch, and I see many log entries indicating high S -> low S mutations from my node.

I was kind of surprised, because everytimes I send "inv" a transaction, no node seems to know it and all ask the payload.

By the way, I can craft a special scriptPubKey to make mutator banned from network and get IP of people who mutate transactions to HighS, would it be useful ? does the malleability attack on right now ?

Craft a redeem script " OP_EQUALVERIFY", spend it. The mutator will create an invalid transaction which will ban him from the network. Now, you look in your banlist and collect the IP.
legendary
Activity: 1106
Merit: 1026
New Bitcoin Core release 0.11.1 obviates the problem by mandating LowS.

This is a very good thing, nevertheless, I'd consider high S -> low S mutation as complementary measure, because a) there are nodes out there, which don't use the new policy, b) and miners, and c) wallet implementations.

Note that the policy rejects high S, which may result in legit transactions getting dropped, which is probably not a favorable outcome.

I am kind of surprised, very few transactions are LowS malleated. Nodes to which I connect always ask me to send the payload...
I thought I was not alone oO

Or maybe the HighS already reached all the other node so the LowS version is always ignored...

I'm running the "seed" branch, and I see many log entries indicating high S -> low S mutations from my node.
hero member
Activity: 714
Merit: 662
I am kind of surprised, very few transactions are LowS malleated. Nodes to which I connect always ask me to send the payload...
I thought I was not alone oO

Or maybe the HighS already reached all the other node so the LowS version is always ignored...
hero member
Activity: 714
Merit: 662
I'll keep my program running 1 or 2 weeks the time of miners to update. I'm not alone to do it, but it does not hurt.
legendary
Activity: 1806
Merit: 1164
New Bitcoin Core release 0.11.1 obviates the problem by mandating LowS.
legendary
Activity: 2730
Merit: 1263
It's good enough if one node is modifying high S transactions to low S. There is no need to change the implementation for everyone.
Pages:
Jump to: