Pages:
Author

Topic: New transaction malleability attack wave? Another stresstest? - page 12. (Read 41234 times)

member
Activity: 60
Merit: 10
Good thing you only wasted an hour. I'm waiting for over 6 hours for this particular transaction to confirm: http://btc.blockr.io/zerotx/info/844f88ef20fb5d2d2ecf897772d429d9bca1d3cab6314e5ed3017b48940f096a

This tx will not confirm.  It belongs to a tx chain that has already been invalidated by a malleated tx (original is here).
legendary
Activity: 3542
Merit: 1352
Is the attack ongoing again?

Yesterday it caused me to waste an hour of time because funds in my trezor were unspendable, I had to restore wallet from seed on another device then create new trezor wallet to send the funds there. Annoying...

Good thing you only wasted an hour. I'm waiting for over 6 hours for this particular transaction to confirm: http://btc.blockr.io/zerotx/info/844f88ef20fb5d2d2ecf897772d429d9bca1d3cab6314e5ed3017b48940f096a
legendary
Activity: 1260
Merit: 1019
Is the attack ongoing again?
yes

Yesterday it caused me to waste an hour of time because funds in my trezor were unspendable,
Complain to yourself and the developers of your software/hardware.

I had to restore wallet from seed on another device then create new trezor wallet to send the funds there. Annoying...
Any suggestions?
legendary
Activity: 2576
Merit: 1186
I mean really , why Huh Undecided
Because I am able to do it.
With Great power comes great responsibility my child...... Wink
Eh, you realise this kind of thing doesn't need any power, right?

It's literally just a few lines of code in any old boring node...
member
Activity: 60
Merit: 10
Annoying...

This attack is very good at exposing bad software.
legendary
Activity: 1610
Merit: 1004
Is the attack ongoing again?

Yesterday it caused me to waste an hour of time because funds in my trezor were unspendable, I had to restore wallet from seed on another device then create new trezor wallet to send the funds there. Annoying...
member
Activity: 60
Merit: 10
I do not see profit for me doing this. I am not a bitcoin hoDLer.

I am not a "hodler" either; I am not financially or emotionally invested in Bitcoin.  I was just curious as to what the effect on the network would be, so was disappointed that it stopped.  But it has since restarted.

This attack is "free".  There is no profit but also no cost.  The attack is also not very difficult I think, so if you stop then someone can easily start again.
legendary
Activity: 1904
Merit: 1007
With Great power comes great responsibility my child...... Wink
Not in bitcoin world. Responsibility for whom? I do not know you. You do not know me.
There is no third party who can punish me, because I am wrong and you are right.

Props for admitting this and for your attitude. Have a great Sunday!
legendary
Activity: 1260
Merit: 1019
third party banks and national currencies are proven to not be 100% safe either.
Right. There is a relation between "safe" and "cost".
In bitcoin world you pay nothing to developers. And you are totally unsafe.
Sorry, man. Bitcoin is unsafe by design.
sr. member
Activity: 475
Merit: 252
Wrong. There are no "100%-safe" ways at all.
Never said 100%.
If you do not want to be a victim - pay to third party banks and use your national currency.
third party banks and national currencies are proven to not be 100% safe either.

If anyone is looking for a 100% safe thing in life, they're in for some big disappointments.
legendary
Activity: 1260
Merit: 1019
The only sure-fire way to prevent becoming a victim is to wait for confirmations.
Wrong. There are no "100%-safe" ways at all.
First way is "risky & cheap". Second way is "no-so-risky as first, but not-so-cheap"
Bitcoin itself is risky. If you do not want to be a victim - pay to third party banks and use your national currency.
sr. member
Activity: 475
Merit: 252
Besides BIP 62, which will take time to finalize, what can be done to prevent this attack? What steps can wallets and payment processors take? Thanks for being a good sport.

Stop relying on others to validate your transactions and watch the blockchain for you.
Also, (this is the biggest one) don't categorize transactions based on transaction ID, then store them away and never check them again.

It's not that hard. But it's hard when the wallet is already built from the ground up under the assumption that "Once we see a transaction, even with 0 confirmations, it's as good as done."

Stop making that assumption, and code your wallets accordingly.

Also, there needs to be vigilance on the user side as well.

If you spend unconfirmed change, you are risking the chain being broken.
If you accept unconfirmed transactions with unconfirmed inputs, you are at a large risk of being double spent if you don't wait for at least one confirmation.

The only sure-fire way to prevent becoming a victim is to wait for confirmations.
legendary
Activity: 1260
Merit: 1019
Besides BIP 62, which will take time to finalize, what can be done to prevent this attack?
First of all you should ask yourself - should this problem ever been fixed?
(I am very sorry, it is difficult for me to explain in clear English - it is not my native language)
Note, that the process of fixing malleablity problem - is a problem for bitcoin itself.
And this may be dangerous.

Quote
What steps can wallets and payment processors take? Thanks for being a good sport.
These are different questions.
I do not quite understand what is "payment processor" in bitcoin?
Bitcoin itself - is a way to deal without third party. Without payment processor.

The main thing you should think every day - there is nothing "free or cheap" in the real life and in bitcoin world.
If you pay nothing - you have nothing and can not complain.
newbie
Activity: 7
Merit: 0
Besides BIP 62, which will take time to finalize, what can be done to prevent this attack? What steps can wallets and payment processors take? Thanks for being a good sport.

This is the malleability problem: someone is creating copies of transactions

OK. This is not "someone". It is me.
Right now the stress-test is paused. I reserve a right to resume it.
Ask me anything.
full member
Activity: 196
Merit: 100
In which part of the world, it is Sunday now ?

It's a rather rainy Sunday in the UK right now.
legendary
Activity: 1260
Merit: 1019
So you are trying to execute some kind of malicious attack against some site/business?
not today, man.
copper member
Activity: 2996
Merit: 2374
Are you sure you are not doing...?
How can I prove it?

btw. nigers problems don't fuck sheriff
So you are trying to execute some kind of malicious attack against some site/business?
legendary
Activity: 1260
Merit: 1019
Are you sure you are not doing...?
How can I prove it?

btw. nigers problems don't fuck sheriff
copper member
Activity: 2996
Merit: 2374
I mean really , why Huh Undecided
Because I am able to do it.
Are you sure you are not doing this because you are attempting to execute some kind of double spend attack? I would consider the chances of this being high considering your history of maliciously taking advantage of websites/businesses that accept 0/unconfirmed transactions.
legendary
Activity: 1260
Merit: 1019
@amaclin do you have a list of transactions that you modified?
no
Pages:
Jump to: