
Topic: Risk of anyone-can-take output (Read 779 times)

legendary
Activity: 1596
Merit: 1100
July 23, 2013, 09:06:59 AM
#4
Quote
Yeah, OP_TRUE and the like are the same as a widely-known private key. I don't see what advantage you get from treating them different at the protocol level, though I suppose a smart client could attempt to inform the user if a payment they received was more likely to be attempted to get double-spent than average, but I'm not sure the user would or should do anything different in that case anyway.

No current client will tell the user "hey, I found an anyone-can-spend" nor list that in their balance.

Clients pattern-match output scripts, and only "see" ones with scripts they recognize.

All other transactions are simply invisible without special software to find them and spend them.
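
An added example, not part of any post in this thread: a sketch of the template matching described above, classifying an output script as a recognized type or as one that contains no signature-checking opcode at all (the category OP_TRUE falls into). The label names, the sample bytes and the 32-byte hash push in the hash-puzzle sample are assumptions of this example.

```python
# Added illustration: template matching over scriptPubKey bytes (2013-era types).
OP_PUSHDATA1, OP_PUSHDATA4 = 0x4c, 0x4e
OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = 0x76, 0x87, 0x88, 0xa9, 0xac
SIG_OPS = {0xac, 0xad, 0xae, 0xaf}  # CHECKSIG(VERIFY), CHECKMULTISIG(VERIFY)

def parse(script: bytes):  # returns a list: int per opcode, bytes per data push
    items, i = [], 0
    while i < len(script):
        op = script[i]
        i += 1
        if op == 0 or op > OP_PUSHDATA4:      # ordinary opcode (OP_0 kept as int 0)
            items.append(op)
            continue
        if op < OP_PUSHDATA1:                 # 0x01..0x4b: opcode is the push length
            n = op
        else:                                 # PUSHDATA1/2/4: 1, 2 or 4 length bytes
            width = 1 << (op - OP_PUSHDATA1)
            n = int.from_bytes(script[i:i + width], "little")
            i += width
        if i + n > len(script):
            raise ValueError("truncated push")
        items.append(script[i:i + n])
        i += n
    return items

def is_push(item, sizes):
    return isinstance(item, bytes) and len(item) in sizes

def classify(script: bytes) -> str:
    try:
        s = parse(script)
    except ValueError:
        return "unparseable"
    if (len(s) == 5 and s[:2] == [OP_DUP, OP_HASH160] and is_push(s[2], {20})
            and s[3:] == [OP_EQUALVERIFY, OP_CHECKSIG]):
        return "p2pkh"
    if len(s) == 2 and is_push(s[0], {33, 65}) and s[1] == OP_CHECKSIG:
        return "p2pk"
    if len(s) == 3 and s[0] == OP_HASH160 and is_push(s[1], {20}) and s[2] == OP_EQUAL:
        return "p2sh"
    if not any(isinstance(x, int) and x in SIG_OPS for x in s):
        return "no-signature-check"   # e.g. OP_TRUE or a bare hash puzzle
    return "nonstandard"

# Constructed sample scripts (filler bytes, not real keys or hashes).
SAMPLES = {
    "p2pkh": bytes.fromhex("76a914" + "11" * 20 + "88ac"),
    "op_true": bytes.fromhex("51"),
    "hash_puzzle": bytes.fromhex("aa20" + "22" * 32 + "87"),  # OP_HASH256 <32 bytes> OP_EQUAL
}
```

A wallet that only matches the first three templates never reports the other two samples; the "no-signature-check" label is the extra case a client would need in order to warn about such an output.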

pc
sr. member
Activity: 253
Merit: 250
July 23, 2013, 08:28:21 AM
#3
Yeah, OP_TRUE and the like are the same as a widely-known private key. I don't see what advantage you get from treating them different at the protocol level, though I suppose a smart client could attempt to inform the user if a payment they received was more likely to be attempted to get double-spent than average, but I'm not sure the user would or should do anything different in that case anyway.
legendary
Activity: 1120
Merit: 1152
July 21, 2013, 11:50:17 AM
#2
Miners can already exploit transaction malleability to screw up transaction chains, so I don't see it as a big issue. It's really not unlike a double-spend, frankly.

Ultimately the 100 block rule is there because, even without malice, without the rule you're going to get a lot of chaos. Anyway, the cost to have the rule isn't a big deal; that's less than a day.

edit: I'll also point out, this isn't specific to non-ECDSA transactions either: 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
legendary
Activity: 1792
Merit: 1111
July 21, 2013, 11:46:16 AM
#1
Currently, newly generated coins require 100 confirmations before they can be spent, since the reward for orphaned blocks will never come back (if Gavin does not bail them out: https://bitcointalksearch.org/topic/compensating-miners-on-the-wrong-side-of-the-big-fork-156641). However, any transactions relying on "anyone-can-take" outputs, such as

Quote
OP_TRUE

or

Quote
OP_HASH256 OP_EQUAL

face a similar level of risk. In case there is a block re-org, a miner may grab these outputs for themselves. Should we also flag any transactions not using an ECDSA signature as generated coins?