Pages:
Author

Topic: Strange block 74638 (Read 44545 times)

newbie
Activity: 2
Merit: 0
April 10, 2019, 01:11:04 PM
#23
Hey guys,

first off: I'm very sorry to be a grave digger. But I have this (already solved) incident in my mind since I read about it, which was quite a while after it occurred.

Now, I thought about what would happen if the one who generated that transaction had malicious intents. Let's make a thought play:
Transaction was made and someone - let's call him Bob - now holds more than 184bn BTC in his wallet. Knowing the transaction will be detected soon, Bob is in a hurry.

He moves his coins over to an Altcoin exchange and sells whatever he can for Altcoins, crashing the price of e.g. Litecoin, DASH and what not else.

Now, Bob moves his fraudulently generated DASH, Litecoin etc. to his wallets. He has made one hell of a gain, waiting for things to calm, so he can sell his Altcoins back for Bitcoin.

Meanwhile, the incident was detected and five hours later, a "rollback" - the hardfork - was decided upon and done.

What happens now? The Altcoin exchange has some serious trouble: many, many users now have sold Litecoin and DASH for Bitcoins which don't exist, anymore. As the exchange isn't able to pay (let users withdraw their non existing BTC), but the Altcoins are already withdrawn by Bob, what would happen next?

Would that just be a "shit happens" situation, or would the Altcoins which are affected also be forced to do a hardfork?


Anyone who is interested in continuing this thought is welcome to do so! Smiley

It's 2019 and it's the funniest joke I've ever heard since 2015. LoL!

Short answer: Bob couldn't be in a hurry. Because he should wait for 1 year until the creation of the first altcoin.

legendary
Activity: 2328
Merit: 1292
Encrypted Money, Baby!
November 28, 2015, 08:36:50 AM
#22
Hey guys,

first off: I'm very sorry to be a grave digger. But I have this (already solved) incident in my mind since I read about it, which was quite a while after it occurred.

Now, I thought about what would happen if the one who generated that transaction had malicious intents. Let's make a thought play:
Transaction was made and someone - let's call him Bob - now holds more than 184bn BTC in his wallet. Knowing the transaction will be detected soon, Bob is in a hurry.

He moves his coins over to an Altcoin exchange and sells whatever he can for Altcoins, crashing the price of e.g. Litecoin, DASH and what not else.

Now, Bob moves his fraudulently generated DASH, Litecoin etc. to his wallets. He has made one hell of a gain, waiting for things to calm, so he can sell his Altcoins back for Bitcoin.

Meanwhile, the incident was detected and five hours later, a "rollback" - the hardfork - was decided upon and done.

What happens now? The Altcoin exchange has some serious trouble: many, many users now have sold Litecoin and DASH for Bitcoins which don't exist, anymore. As the exchange isn't able to pay (let users withdraw their non existing BTC), but the Altcoins are already withdrawn by Bob, what would happen next?

Would that just be a "shit happens" situation, or would the Altcoins which are affected also be forced to do a hardfork?


Anyone who is interested in continuing this thought is welcome to do so! Smiley
legendary
Activity: 1386
Merit: 1053
Please do not PM me loan requests!
July 24, 2014, 02:51:15 AM
#21
I just looked at this thread before it was super-bumped...

Must be a sign, HL3 confirmed
legendary
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
July 23, 2014, 08:19:16 AM
#20
Post #1 from 2010 has several threads on the issue...
full member
Activity: 154
Merit: 100
Is there life on Mars?
July 23, 2014, 07:19:23 AM
#19
Well... this issue made it to "The 9 Biggest Screwups in Bitcoin History"

http://www.coindesk.com/9-biggest-screwups-bitcoin-history/

Wow, do they link the thread? I almost got a heart attack while reading that 'a fork will probably fix it' But the block number is quite low, so I maybe should have noticed my mistake earlier. Good thing most of those quirks are now fixed!
sgk
legendary
Activity: 1470
Merit: 1002
!! HODL !!
July 23, 2014, 07:14:59 AM
#18
heh I was being sarcastic at first but that link you provided is actually pretty cool... Thanks Smiley

Thank you.

Although the one I'll always remember is the guy who threw the hard drive with 7500 BTC into a dump yard.
legendary
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
July 23, 2014, 04:27:20 AM
#17
heh I was being sarcastic at first but that link you provided is actually pretty cool... Thanks Smiley
legendary
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
July 23, 2014, 04:10:18 AM
#16
Thanks for reporting news from 2010 Smiley
sgk
legendary
Activity: 1470
Merit: 1002
!! HODL !!
July 23, 2014, 04:07:53 AM
#15
Well... this issue made it to "The 9 Biggest Screwups in Bitcoin History"

http://www.coindesk.com/9-biggest-screwups-bitcoin-history/
legendary
Activity: 1246
Merit: 1016
Strength in numbers
August 19, 2010, 10:41:54 PM
#14
I heard that the patch was available before Satoshi awakened.

Nice. I shouldn't even have assumed he did it. I know there are lots of people here with skills.
hero member
Activity: 574
Merit: 513
August 19, 2010, 10:02:27 PM
#13
I heard that the patch was available before Satoshi awakened.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
August 19, 2010, 09:04:47 PM
#12
Did we get luck or is there a secret pager number that alerts Satoshi to emergencies Smiley
hero member
Activity: 574
Merit: 513
August 19, 2010, 07:57:53 PM
#11
Here is some information related to the incident that may be used by anyone else if they would dislike.  If you would like to use it then you may not.

In old/corrupt chain:

Block 74637 has timestamp of 1281891763 (Sun Aug 15 11:34:43 CDT 2010)
Block 74638 had timestamp of 1281891957 (Sun Aug 15 12:05:57 CDT 2010)
Block 74639 had timestamp of 1281892233 (Sun Aug 15 12:10:33 CDT 2010)


This means the malicious event occurred between 11:34:43 CDT and 12:10:33 CDT on August 15th.

https://bitcointalksearch.org/topic/strange-block-74638-822
August 15, 2010, 01:08:49 PM CDT

This means the malicious event was discovered up to about 1.5hrs after it occurred.

https://bitcointalksearch.org/topic/m.9524
August 15, 2010, 03:39:42 PM CDT

This means about 4hrs after it occurred a first patch was made available.

https://bitcointalksearch.org/topic/m.9548
August 15, 2010, 04:40:19 PM CDT

This means about just over 5hrs after it occurred a path was pushed to svn by satoshi.

5 hours is much more impressive than "within a day." even though the official release of 0.3.10 didn't occur until the next day. =/

I first posted this as a comment to http://www.bitcoinblogger.com/2010/08/bitcoin-issues-security-update-faster.html

Other threads related to the issue:
https://bitcointalksearch.org/topic/overflow-bug-serious-823
https://bitcointalksearch.org/topic/version-0310-block-74638-overflow-patch-827
https://bitcointalksearch.org/topic/patch-automatic-block-validation-832
sr. member
Activity: 252
Merit: 268
August 15, 2010, 03:42:17 PM
#10
Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.
This thread currently has more useful information in it.
Both threads have a link to the other, so usefulness of information doesn't matter. I think the other thread is more appropriate which is why I suggested this one be locked. If a moderator thinks this one is more appropriate, then they should lock the other. Of course if the moderators want both threads going at the same time, that's their prerogative. It's just a suggestion and not really a big deal either way.
sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 15, 2010, 03:38:16 PM
#9
Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.
This thread currently has more useful information in it.
sr. member
Activity: 252
Merit: 268
August 15, 2010, 03:29:32 PM
#8
Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.
full member
Activity: 307
Merit: 102
August 15, 2010, 02:50:00 PM
#7
For now I have stopped generating on my nodes.
lfm
full member
Activity: 196
Merit: 104
August 15, 2010, 02:34:18 PM
#6
Im speculating here somewhat but from what I can see someone has generated a transaction, probably using a custom modification of the software to generate a transaction which exploits a weakness in the code. The code check each transaction output for negative numbers individually (up to ver 0.3.8 at least) but forgot to check that the sum of two outputs (where you have the normal output of a transaction and the "change" leftover amount returned to the sender) is negative. So if you put two large but positive values in the transaction the overflow is then only checked that it is less than or equal to the inputs.

Normally the inputs are equal to the outputs of a transaction. The exception is when there is a "fee" charged for the transaction. The net allows anyone to voluntarily pay any amout for a fee. SO when the sum was negative the difference from the input looked like a fee. It slipped thru all the checks. Her is some of the details:
 out Value 1:92233720368.54(7ffffffffff85ee0)
 out Value 2:92233720368.54(7ffffffffff85ee0)

the sum would make -0.01 BTC

generated transaction "reward" including 51 bitcent "fee"
 out Value:50.51(000000012d1024c0)

that implies the input value was 0.50 BTC

newbie
Activity: 15
Merit: 0
lfm
full member
Activity: 196
Merit: 104
August 15, 2010, 01:55:34 PM
#4
This could be a serious problem. Bitcoin's printblock also shows it:

Code:
CBlock(hash=0000000000790ab3, ver=1, hashPrevBlock=0000000000606865, hashMerkleR
oot=618eba, nTime=1281891957, nBits=1c00800e, nNonce=28192719, vtx=2)
  CTransaction(hash=012cd8, ver=1, vin.size=1, vout.size=1, nLockTime=0)
    CTxIn(COutPoint(000000, -1), coinbase 040e80001c028f00)
    CTxOut(nValue=50.51000000, scriptPubKey=0x4F4BA55D1580F8C3A8A2C7)
  CTransaction(hash=1d5e51, ver=1, vin.size=1, vout.size=2, nLockTime=0)
    CTxIn(COutPoint(237fe8, 0), scriptSig=0xA87C02384E1F184B79C6AC)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0xB7A7)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0x1512)
  vMerkleTree: 012cd8 1d5e51 618eba


The sum of the two outputs overflows to a negative. Its a bug in the transaction checks which did not reject it, then someone noticed and exploited it. Presumably a new version will be able to reject it and start a new valid fork. meanwhile should probablt shut down whatever you can and by no means make nor accept any transactions.
Pages:
Jump to: