Pages:
Author

Topic: New transaction malleability attack wave? Another stresstest? - page 2. (Read 41229 times)

staff
Activity: 4284
Merit: 8808
This is very close to hardfork.
Yes. I do understand that it is not a hardfork in strict terms.
I don't agree, not even in the most lax of terms.

It's a standardizes rule,  and already on the order of 95% of transactions were already conforming.  If a wallet produces a non-conforming transaction anyone in the world can mutate it to the conforming form.  Even absent the auto-mutation, when it doesn't work-- it fails safe: you can still receive transactions, but your sends may not work; and you can either update your software or find someone/something to mutate them for you. It's likely that due to 'helpful' mutation and non-upgraded nodes and miners the remainder will continue to get confirmed (with delays) for some time... and that 5% remaining should drop as electrum and armory get updates out.

I would have preferred to continue to wait to activate the filtering, which has been implemented and waiting in Bitcoin core for years now, until even more users were upgraded... but the ongoing attacks made that a poor trade-off:  There is no reason that the creators of 95% of the transactions should suffer attacks because we were worried about inconveniencing the remaining 5%.   I also called in this thread multiple times for help driving that 5% down to nothing and no one else cares, so-- how much can the negative impact matter when basically none of all the noisy people in this thread cared to lift a finger to help mitigate it?

All the other avenues for "nuisance mutability" that we're aware of were closed long ago, some of those also required getting wallets to update, but far fewer wallets were broken with respect to those rules. Fortunately, until recently, no one who wanted to attack had bothered figuring out how to perform this particular attack (as it's ever so slightly tricker-- can't just be done by stuffing an extra byte in a transaction); unfortunately that didn't last, and so we got to lose huge amounts of effort dealing with this and creating a small amount of additional collateral disruption instead of working on other things; the result will likely also delay the deployment of CLTV some due to difficult in getting miners to update twice in rapid succession... but thats life.
legendary
Activity: 1260
Merit: 1019
So, are you sad that your latest attempt to save people from this great Ponzi
I do not remember when and where I said this.
These are your words, not mine.
hero member
Activity: 616
Merit: 500
I AM A SCAMMER
Users of these defective implementations will have to upgrade, or if that is not possible, they will have to export their private keys and switch to newer software.
This is very close to hardfork.
Yes. I do understand that it is not a hardfork in strict terms.
So, are you sad that your latest attempt to save people from this great Ponzi is being crippled? I see, you are having great time with buttcoiners here...

https://www.reddit.com/r/Buttcoin/comments/3okxo5/does_amaclin_need_some_btc_to_wreck_havoc/

What is your next plan? Going back to your boring job or buying some BTC as retirement fund?
legendary
Activity: 1260
Merit: 1019
Users of these defective implementations will have to upgrade, or if that is not possible, they will have to export their private keys and switch to newer software.
This is very close to hardfork.
Yes. I do understand that it is not a hardfork in strict terms.
sr. member
Activity: 278
Merit: 254
Are there any negatives to this fix?
I suggest reading this thread.

Seriously. such an embarrassment.  So much grunting and flinging of poo and people don't bother to read messages of actual substance.


Here's my summary of the substance.

The "negative" is that old, defective implementations will no longer work.  Users of these defective implementations will have to upgrade, or if that is not possible, they will have to export their private keys and switch to newer software.

Some of us believe that this is not a "negative", rather that it is a "positive".  The fix is not just a convenience fix, it is a security fix, because the continued existence of the bug admits for denial of service attacks.  It also enables malevolent cancellation of transactions that depend on unconfirmed transactions.

legendary
Activity: 2702
Merit: 1261
Are there any negatives to this fix?

If all miners use this rule, a few users with old clients that create high S signatures will not be able to get a confirmation for their transactions. A solution would be to fix their client, wait until the network forgot about this transaction an send new a transaction with a low S signature. Or somebody changes the transaction to low S by using the malleability mechanism.
staff
Activity: 4284
Merit: 8808
Are there any negatives to this fix?
I suggest reading this thread.

Seriously. such an embarrassment.  So much grunting and flinging of poo and people don't bother to read messages of actual substance.


sr. member
Activity: 308
Merit: 250
Looks like 0.11.1 will do something about the attack -> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-October/011500.html

"Make the node require the canonical 'low-s' encoding for ECDSA signatures when
relaying or mining.  This removes a nuisance malleability vector."

Are there any negatives to this fix?
hero member
Activity: 935
Merit: 1002
That attack won't work.If you want to malle a tx you gotta do it the same second as the other tx.Lets say you send it to a gambling site ok but you have to wait at least few seconds for the deposit to show up and for the outcome.If there's at least 1 second delay the first tx will be propagated through the nodes already.
full member
Activity: 162
Merit: 109
It makes it much easier. More nodes will accept the mutated transaction then would accept a transaction that outright conflicts with an existing transaction in it's mempool so the chances of getting the mutated transaction confirmed are greater.
If you make a first transaction will be first to yourself and after immadiatly you will pay to other who accept 0-confirmed tx - yes, this can help to you if your first tx will be duplicated by attacker firstly and be accepted by miners. Ok. But it's difficult way. Ok, you are right, may be it will help.
copper member
Activity: 2996
Merit: 2374
I made some money on this attack, im happy

How would you have made money due to the attack?
Easy. Send a tx to yourself, use those inputs for a second transaction to someone else who accepts 0/unconfirmed transactions, then mutate the txid of the first transaction, making the 2nd transaction invalid, allowing you to double spend the 2nd transaction.

You could do a double-spending without this attack Tongue
This attack doesn't help in this...
It makes it much easier. More nodes will accept the mutated transaction then would accept a transaction that outright conflicts with an existing transaction in it's mempool so the chances of getting the mutated transaction confirmed are greater.
full member
Activity: 162
Merit: 109
Besides BIP 62, which will take time to finalize, what can be done to prevent this attack? What steps can wallets and payment processors take? Thanks for being a good sport.

Stop relying on others to validate your transactions and watch the blockchain for you.
Also, (this is the biggest one) don't categorize transactions based on transaction ID, then store them away and never check them again.

It's not that hard. But it's hard when the wallet is already built from the ground up under the assumption that "Once we see a transaction, even with 0 confirmations, it's as good as done."

Stop making that assumption, and code your wallets accordingly.

Also, there needs to be vigilance on the user side as well.

If you spend unconfirmed change, you are risking the chain being broken.
If you accept unconfirmed transactions with unconfirmed inputs, you are at a large risk of being double spent if you don't wait for at least one confirmation.

The only sure-fire way to prevent becoming a victim is to wait for confirmations.

Yes, these are gold rules... But many companies don't follow these rules.
The gold rule for bitcoin receivers to wait at least 1 confirmation. But many companies who paid to me don't follow these rules and after this attack i should resolve some unpaid trasnactions from them... They think that paid to me (they pay to me through some gateways) but i don't have bitcoins.

This attack has benefited. But for many it is better understood, it is necessary to continue the attack for a long time.

During time of this attack i thought that a bitcoin price will be dropped but one only grown Sad
full member
Activity: 162
Merit: 109
I made some money on this attack, im happy

How would you have made money due to the attack?
Easy. Send a tx to yourself, use those inputs for a second transaction to someone else who accepts 0/unconfirmed transactions, then mutate the txid of the first transaction, making the 2nd transaction invalid, allowing you to double spend the 2nd transaction.

You could do a double-spending without this attack Tongue
This attack doesn't help in this...
copper member
Activity: 2996
Merit: 2374
I made some money on this attack, im happy

How would you have made money due to the attack?
Easy. Send a tx to yourself, use those inputs for a second transaction to someone else who accepts 0/unconfirmed transactions, then mutate the txid of the first transaction, making the 2nd transaction invalid, allowing you to double spend the 2nd transaction.
legendary
Activity: 2702
Merit: 1261
I made some money on this attack, im happy
How would you have made money due to the attack?

Maybe he tricked someone with a broken implementation into sending him money multiple times.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
I made some money on this attack, im happy

How would you have made money due to the attack?
newbie
Activity: 8
Merit: 0
I made some money on this attack, im happy
dirty money?
sr. member
Activity: 435
Merit: 250
I made some money on this attack, im happy
member
Activity: 114
Merit: 10
PMs blocked, send answers to main.
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
I think about you same too.
P.S. Do you have anything to talk about this problem not about me?
What problem? Malleability? THIS IS NOT A PROBLEM.

Sorry. I know too little about bitcoin, malleability, etc. I am newbie. You are right. I am not advanced user. Thank you for notice it.

Sarcasm does not go easily through the internet.  You should use "Grin"even when you think it is obvious.

I think that has more to do with assburgers than internets,
Pages:
Jump to: