Also, SPV clients rely on a server correct?!? Then its not trustless because the servers data could be interfered with to say a tx has confirmed when it hasnt causing you to submit your TX and give the attacker coins. I might be misunderstanding SPV but from what I'm reading it communicates with servers and thus their data can be spoofed and it requires a lot of trust.
That is incorrect, SPV is considered trustless (even
by Satoshi in the original Bitcoin whitepaper). The blockchain can still be verified by SPV clients using the headers, and transactions can be verfiied as being in the chain using Merkle branches.
Yeah this is a good attempt but it doesnt work!
Transaction malleability will destroy any trade. ONLY coins with checklocktimeverify can do AT. I also think Qora has it. If you try AT without it, you are going to run into Malleability and one partly will lose all their Bitcoins.
OP_CHECKLOCKTIMEVERIFY is not the only way to solve the problem, preventing any sources of malleability will also prevent this attack. Bitcoin Core 0.9 made a lot of advances in making malleability harder. Bitcoin Core 0.10 (which should be released any day now) makes the signature encoding more strict to prevent malleability in the signature (
BIP 66).
You're right, we're not 100% secure against this attack yet, which is why the alpha version of Mercury only supports testnet trading. As soon as it seems we are safe (no cheap sources of malleability, or OP_CHECKLOCKTIMEVERIFY), Mercury can open up to real trading.
Ok thanks for the link to the SPV paper thats really good to know. When I looked it up it was saying it relied on servers. In that case I would really like to use that in future implementations in my software as well.
Ok the new bitcoin core will not solve the problem. Even a 1% chance of malleability will end up becoming 100% with a dedicated scammer. For example, your program works with raw transactions. So I only need to hold on to the raw, change it a little bit and send it to as many pools and nodes as possible. If they mine my fake TX, then your TX will be considered bad and declined. Both parties work with raw transactions, thats the problem. So I can hold a bad copy and interfere.
I'm not trying to deter you, I'm genuinely concerned about this issue. As you may or may not know, Im the guy from BitHalo. One of the implementations of BitHalo is microtrading which is trustless. I used to consider AT but realized it was way too dangerous. I'm sure some Hero members or more crypto guys can comment on this.
