Pages:
Author

Topic: [SUCCESS] Double Spend against a satoshidice loss (Read 19096 times)

legendary
Activity: 2940
Merit: 1333
Another suggestion he made is to keep a list of inputs spent against the casino and decline any bets that attempt to reuse the inputs.

How about just rejecting transactions with non-canonical signatures.  The bot that is making the double-spends is simply adding an extra 00 to the front of one of the signatures.  If you filter out all such transactions you'll be OK.

In the event that the bot's cloned transaction gets mined and the original bet transaction doesn't, it will look as if you ignored a bet, but you can point out that the bet has a non-standard signature which is why you didn't accept it.
legendary
Activity: 1120
Merit: 1164
SIGHASH_ALL is the default so it should work fine.

It may be the default, but if you don't make sure SIGHASH_ALL is actually being used an attacker can make bets and use the malleability as a way of recovering their loses while denying that they did it. I also explained elsewhere how people could agree to help each other recover their loses using this method, and that cooperation can happen without any central co-ordination at all.
legendary
Activity: 1526
Merit: 1134
SIGHASH_ALL is the default so it should work fine.
sr. member
Activity: 364
Merit: 252
I see, so the unconfirmed gets broadcasted, then the modified tx double spends it successfully it gets 1 confirmation and is relayed after 1 or more confirmations by all nodes regardless of the first unconfirmed (now invalid) tx.

Very very cool, code monkey and I are looking @ bitcoin Script now, might have to hack up a parser for perl - fortunately it is extremely well documented in the wiki Smiley .
Another suggestion he made is to keep a list of inputs spent against the casino and decline any bets that attempt to reuse the inputs.

edit: seems a perl bitcoin Script implementation already exists Cheesy https://github.com/grondilu/libbitcoin-perl/blob/master/Bitcoin/Script.pm
legendary
Activity: 1120
Merit: 1164
Say if you connected to a 1 well connected node (eg slushpool) and used -nolisten, would this also prevent seeing modified versions of the same txid ?
Or is it possible for a non malicious node to rebroadcast the same spending of inputs a 2nd time using a diff signature ?

Quote
In fact, it can be done by a non-miner who is well connected too: again, watch for satoshidice wins, and this time use a form of transaction malleability that is a standard transaction and thus will be relayed by other nodes. Now immediately broadcast the modified transaction to as many nodes as you can. The vast majority of the time nothing will happen - the modified tx won't be accepted because nodes already have the original - but every once in awhile it will happen to be accepted by a miner and get confirmed.

re-reading this I appreciate it a bit more, so by connecting to trusted peers "should" eliminate risk of a re-roll.

No, the re-roll there happens because the tx gets mined, and thus the first tx gets removed from your mempool, and you see the second one. After the fact it will look like you received a bet but never paid out.

Something my code monkey suggested
Code:
# just testing and brain storming alt solutions to this issue on the test engine
hmac_sha512(secret(join(sort(@all_vout_txids)))

If sorting the txin's makes it easier to code, that's fine, but remember that regardless you must ensure at least one of the signatures uses SIGHASH_ALL or anyone can add extra txin's and change the lucky number.
sr. member
Activity: 364
Merit: 252
Say if you connected to a 1 well connected node (eg slushpool) and used -nolisten, would this also prevent seeing modified versions of the same txid ?
Or is it possible for a non malicious node to rebroadcast the same spending of inputs a 2nd time using a diff signature ?

Quote
In fact, it can be done by a non-miner who is well connected too: again, watch for satoshidice wins, and this time use a form of transaction malleability that is a standard transaction and thus will be relayed by other nodes. Now immediately broadcast the modified transaction to as many nodes as you can. The vast majority of the time nothing will happen - the modified tx won't be accepted because nodes already have the original - but every once in awhile it will happen to be accepted by a miner and get confirmed.

re-reading this I appreciate it a bit more, so by connecting to trusted peers "should" eliminate risk of a re-roll.

Something my code monkey suggested
Code:
# just testing and brain storming alt solutions to this issue on the test engine
hmac_sha512(secret(join(sort(@all_vout_txids)))
legendary
Activity: 1120
Merit: 1164
You meant SIGHASH_ALL, right? SIGHASH_NONE is not generated by any client today and makes a wildcard transaction that can have any outputs.

Good catch, fixed.
legendary
Activity: 1526
Merit: 1134
You meant SIGHASH_ALL, right? SIGHASH_NONE is not generated by any client today and makes a wildcard transaction that can have any outputs.
legendary
Activity: 1120
Merit: 1164
A simple way to fix this issue would be to first only accept bet transactions whose inputs are confirmed, and secondly change the lucky number algorithm from hmac_sha512(secert,txid:out_idx) to hmac_sha512(secert,txin_1:out_idx | txin_2:out_idx ... | txin_n:out_idx)

That is an excellent proposal, one which we will be implementing shortly Smiley

Good to hear!

One last thing, you also need to mandate that at least one txin signature uses SIGHASH_ALL so the txin list can't be changed after the fact. Once you've taken that step you'll only be vulnerable to regular, miner-supported, double-spends.

EDIT: fixed SIGHASH_NONE brainfart.
sr. member
Activity: 364
Merit: 252
A simple way to fix this issue would be to first only accept bet transactions whose inputs are confirmed, and secondly change the lucky number algorithm from hmac_sha512(secert,txid:out_idx) to hmac_sha512(secert,txin_1:out_idx | txin_2:out_idx ... | txin_n:out_idx)

That is an excellent proposal, one which we will be implementing shortly Smiley
legendary
Activity: 1120
Merit: 1164
That is a very good point!  Anybody at all can create modified versions of any transaction in that manner and change its txid arbitrarily.
If i understand that correctly, that means SD will be exploited soon by players, well-connected hosts or miners?

Not at all. Remember that the modified transaction still goes to the same place, so SD still gets their money. SD just needs to stop paying out twice when it sees two transactions spending the same input.

Re-read my last point at the bottom about undetectable forms of malleability, and keep in mind it's only an issue because players communicate with SD via the blockchain, and the blockchain is public.
hero member
Activity: 668
Merit: 501
That is a very good point!  Anybody at all can create modified versions of any transaction in that manner and change its txid arbitrarily.
If i understand that correctly, that means SD will be exploited soon by players, well-connected hosts or miners?
legendary
Activity: 2940
Merit: 1333
Just to re-iterate: this kind of modification, transaction malleability, is something that can be done by miners without the person who submitted the transaction even knowing. In other words that "high-roller" may not have had anything to do with the double-spend at all.

That is a very good point!  Anybody at all can create modified versions of any transaction in that manner and change its txid arbitrarily.  This presents a way for satoshidice to cheat their players too, by transmitting modified versions of winning bets before they confirm.
legendary
Activity: 1120
Merit: 1164
So the input wasn't even re-signed.  The old signature was simply left-padded with an extra zero byte, changing the txid.

Just to re-iterate: this kind of modification, transaction malleability, is something that can be done by miners without the person who submitted the transaction even knowing. In other words that "high-roller" may not have had anything to do with the double-spend at all.

It's especially ugly because an evil miner can simply watch the mempool for all losing satoshi-dice transactions, and then modify every one of them and attempt to mine a block filled with now-modified transactions. Of course the miner doesn't know satoshidice's secret, so they can't pick winners or losers - they are essentially rolling the dice again - but for every game with a win probability of p your new win probability will be p + p^2. For instance if you bet on a 50% chance game, you'll now have a 75% chance of winning. On a 25% chance, you'll now have 37.5% chance.

In fact, it can be done by a non-miner who is well connected too: again, watch for satoshidice wins, and this time use a form of transaction malleability that is a standard transaction and thus will be relayed by other nodes. Now immediately broadcast the modified transaction to as many nodes as you can. The vast majority of the time nothing will happen - the modified tx won't be accepted because nodes already have the original - but every once in awhile it will happen to be accepted by a miner and get confirmed.

A simple way to fix this issue would be to first only accept bet transactions whose inputs are confirmed, and secondly change the lucky number algorithm from hmac_sha512(secert,txid:out_idx) to hmac_sha512(secert,txin_1:out_idx | txin_2:out_idx ... | txin_n:out_idx) This works because the betting transaction refers to the txin's by hash, so if you change the betting transaction hash, the lucky number doesn't change, on the other hand the txin's are already confirmed in the chain and can't be changed. Note that you'll need to ensure the SIGHASH bits in the signatures are their standard value; ANYONECANPAY still allows changing the txin set without invalidating the signatures. Of course regular double-spends are still possible, but at least they can't be done by a third party.

Note that having the txin's be confirmed is essential: if they aren't you can pull an even worse version of the same trick by modifying the txin hash, thus invalidating the bet transaction.

EDIT: While we're at it, I also noticed that satoshidice is accepting transactions with non-default SIGHASH's for the signatures. For instance I just made bde69c82fa0870bb156edb334da4a8013d5d385e93608110313a8695184d6365 with the signature using SINGLE|ANYONECANPAY, which means any node on the network is free to add their own inputs and outputs to the transaction provided they do not modify the one input and one output I signed, again changing the tx hash. It's a more minor issue, but it would allow people to setup co-operating decentralized double-spenders without even having to communicate what transactions to double-spend too.

EDIT2: The really interesting thing would be to come up with a form of malleability that is undetectable after the fact. Satoshidice could also just not transmit wins when the second, winning, transaction gets mined. They can prove their honestly by just pointing out that the second tx was modified, and the first was normal. However if you can come up with a form of malleability where both transactions are indistinguishable there will be know way of knowing if the miner turned a win to a loss or vice-versa, and hence satoshidice doesn't have much choice other than paying out the wins. At this point they simply have to change the way wins are calculated.
legendary
Activity: 2940
Merit: 1333
I see three more pairs of double-spends from the same wallet:

75c39711ab8dee9fd6c6b166c17b6a12209d472990b230c0bb2ce0d8bd0fb248 and c651661bbe39c1dabe52892fce8eeef8932ba349392b64b5848167e683128cd4,

87d222fcee789576195fd524b22f84e1562d241e67bbc3e971b4d6659da0be91 and c97a74b8ba7edacc72f2be39a05a0ff2b8821ec87e16fb400458d8d6ff8086d4

28be43a55c9a88e11254094be7486e6c6db9d6c73bd352bbfea0f9abc5e33170 and 5a9c49c118e1655b511b76a0cb2978f4b5ebe7773a938664ecf304b5c35a9ee7.

In each pair, the two transactions are identical except that the first input script is one byte longer in the 2nd of the pair.  For instance, in the first pair we see input scripts:

Quote
30 46 02 21    00da2f0d0925960b1c8cb87fc04e02ddfd8cb6cfa947c656e652d1fb315ef66db5022100a494956 71a1f6f86520a126780f980a6fee0e22943143527cca38b3f489704f401 04090871c9bb80ebcd923d8e8b76194085afc9d417831545b4380cacc02dc2214966eea799a3d04 a2098c12d76aab3bbd95d94ec985094a71830e2bb739a255788
and
Quote
30 47 02 22 00 00da2f0d0925960b1c8cb87fc04e02ddfd8cb6cfa947c656e652d1fb315ef66db5022100a494956 71a1f6f86520a126780f980a6fee0e22943143527cca38b3f489704f401 04090871c9bb80ebcd923d8e8b76194085afc9d417831545b4380cacc02dc2214966eea799a3d04 a2098c12d76aab3bbd95d94ec985094a71830e2bb739a255788

So the input wasn't even re-signed.  The old signature was simply left-padded with an extra zero byte, changing the txid.
legendary
Activity: 2940
Merit: 1333
I mentioned these apparently double spends here.  The guy owing these transactions had a pretty unlikely winning streak overnight.

the first one is the transaction that was invalidated (containing 613 BTC to SD), and the second one is the one that replaced it, looks to be similar... probably just a "re-roll":

The two transactions are apparently almost identical.  All the inputs and outputs are the same (except for the first input script, which starts with an extra 0 byte in the 2nd transaction).  It looks like the same transaction was just slightly modified, re-signed and re-sent.

As a result, your formatting of the transactions shows no 'sender' for the 1st input of the 2nd transaction:

Quote
Code:
Transaction:
   TxHash:    54825a1963a0fc4b566cd415690986c835a84974ceb00ae3649ed311a39d2a2e (BE)
[...]
   Inputs:
      PyTxIn:
         PrevTxHash: e7b58ff78217d9c2dbf1241caf5fe4fcd92e0d2513377a172fd045549fcdc98f (BE)
         TxOutIndex: 0
         Script:     (493046022100c9f4ebda0ef6a9cdfbec47395f6f9003db03fa6a1e988f6cf6c6)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
[...]

Code:
Transaction:
   TxHash:    47bfb18624d0f1ed09e895fe427dcd9a3cef709d92ccedd48528b7774e8f7e23 (BE)
[...]
   Inputs:
      PyTxIn:
         PrevTxHash: e7b58ff78217d9c2dbf1241caf5fe4fcd92e0d2513377a172fd045549fcdc98f (BE)
         TxOutIndex: 0
         Script:     (00493046022100c9f4ebda0ef6a9cdfbec47395f6f9003db03fa6a1e988f6cf6)
         Seq:        4294967295
[...]

Edit: http://blockchain.info/tx-index/47564468 confirms that the first input script starts with an OP_FALSE, but of course that doesn't matter because the rest of the script is pushed on top of it on the stack.  The OP_FALSE will still be on the stack when the script finishes executing, but, according to the wiki, "A transaction is valid if nothing in the combined script triggers failure and the top stack item is true", so the buried OP_FALSE doesn't matter.

legendary
Activity: 1428
Merit: 1093
Core Armory Developer
I was doing some Armory testing last night and shutdown Bitcoin-Qt ... meaning my double-spend detection script was disconnected... What timing! 

However, I turned it on this morning and was able to catch some excitement at 2:44pm EST -- a bunch of bets total 613 BTC was invalidated (at least from where I'm sitting in the network).

This invalidation was a straight zero-conf replacement (no replacing tx on which it was depending).  This is all the information I have... the first one is the transaction that was invalidated (containing 613 BTC to SD), and the second one is the one that replaced it, looks to be similar... probably just a "re-roll":

Code:
Transaction:
   TxHash:    54825a1963a0fc4b566cd415690986c835a84974ceb00ae3649ed311a39d2a2e (BE)
   Version:   1
   nInputs:   15
   nOutputs:  9
   LockTime:  0
   Inputs:
      PyTxIn:
         PrevTxHash: e7b58ff78217d9c2dbf1241caf5fe4fcd92e0d2513377a172fd045549fcdc98f (BE)
         TxOutIndex: 0
         Script:     (493046022100c9f4ebda0ef6a9cdfbec47395f6f9003db03fa6a1e988f6cf6c6)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 73ed5c2ebb46b065ce60e8032dbb302ca35844a422efe97c4e51a899b0f7b5d4 (BE)
         TxOutIndex: 0
         Script:     (483045022100eed323557e4c64468bbc6ea29127d7cc32174040abb1fad80e6f)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 7b22d93449f68c77e983e3293a9f7e2ff1d168cd38fe583e59fcb9f48920c2ee (BE)
         TxOutIndex: 0
         Script:     (47304402200b219204a17742c08b33f010273d8587d92e4250b785c20c202ada)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 3b3d950b16804433a6c51ee20b7f2cbf960c29d4f4f807d4401cf7ecbd129b5d (BE)
         TxOutIndex: 0
         Script:     (483045022100fb3c5b09df5f7ee08fd67a48f100bab72b98caca0627d38f27c5)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 0f2e75cd762a29e99833cd74cfb0146e8e0c9da154c28e3fe3f93b4ae07fb6ff (BE)
         TxOutIndex: 0
         Script:     (493046022100ef1b39f1c8e9a9cfea3078a9b84b14aa28e767f8d68e4f0350e1)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: d4bb36bc35374261d09fa9f1b32c30be42eeb7a1b6e065ad49f69ca90f82c9e3 (BE)
         TxOutIndex: 0
         Script:     (483045022048cdb8f317f34cd1ed2aa0f70233ed900ba09b530b7c45fb1756bd)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 673523e82a5522e43495806675fd55827551d19967717de7614a7cb1604ae11c (BE)
         TxOutIndex: 0
         Script:     (483045022100aac3d77c8aea7226d4ce907f3545d1c45dfa3b0e0218679a52df)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: d28f2ab759e302242c3364e2b3942b4f8726db582305df80deb5933ede6cb3ec (BE)
         TxOutIndex: 0
         Script:     (47304402201d26918c38b1200b3b8e3902fdc91ad0adc578b6d5cda1f30c94a7)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: b43aed06284a97a1977bc6f5f523e175dae220a7e3ea2bae79350279df2e396d (BE)
         TxOutIndex: 0
         Script:     (493046022100d461c1df9eb08a237f7fac396ed5ff4497ed2a6019b00a10b282)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: b593b0e4f026f0fa384dc821ffe4a70f567f55696ff509f4b0fa7e148b354815 (BE)
         TxOutIndex: 0
         Script:     (493046022100f35d2b1e7a695df93402d3dcdce356bc0e6d510d2fc437726508)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 747969dcc31ea6c3ed01bf7a1c970d50d7dacb885068f8e03b464a5abdfa5e44 (BE)
         TxOutIndex: 0
         Script:     (4730440220704b975e73a8ceb2cff37580ea867a7a792b61b3762bae34092237)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: e15cddae2f36bbf27045bba9aa0eede24e30e733a83bb4a2214d31a74731cdbd (BE)
         TxOutIndex: 0
         Script:     (47304402205be446e867d43b884756217bc6e1bd414354ad7d1ffbb6ae0b9f51)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 3865e1176077e06eca8089bcc49691d22c285a7499564723041104baff1de558 (BE)
         TxOutIndex: 8
         Script:     (48304502206cedfbaf681a98c827445ef33851154dc16dda797a906cd2732e3e)
         Sender:     1Di6ux3CQBNXCZLD76BsnYWDo6XnFGzQah
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 204f7599883588e752578988bc43cb7572010ecd25fe8a34dba7ffdaadf592db (BE)
         TxOutIndex: 8
         Script:     (493046022100d2e46f587078fd6de62172908b5eb2962ea64dae3b6eb96e0a3e)
         Sender:     1Di6ux3CQBNXCZLD76BsnYWDo6XnFGzQah
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 30a8ed895212e2f7f18e67526ae37fbbdf9562017892f79ff8459226be627994 (BE)
         TxOutIndex: 8
         Script:     (493046022100bc7b0681e2ba82ad4f89e83fd21e1a94c6fb402de13cea22fb55)
         Sender:     1A3z7M6GhpUejQ5eqgSyjVWRuezeepdKKV
         Seq:        4294967295
   Outputs:
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice97ECuByXAvqXpaYzSaQuPVvrtmz6) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice8EMZmqKvrGE4Qc9bUFf9PX3xaYDp) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    25000000000 ( 250.0 )
         Script:   OP_DUP OP_HASH (1dice7W2AicHosf5EL3GFDUVga7TgtPFn) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice7fUkz5h4z2wPc1wLMPWgB5mDwKDx) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    5000000000 ( 50.0 )
         Script:   OP_DUP OP_HASH (1dice7EYzJag7SxkdKXLr8Jn14WUb3Cf1) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    1000000000 ( 10.0 )
         Script:   OP_DUP OP_HASH (1dice6YgEVBf88erBFra9BHf6ZMoyvG88) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    200000000 ( 2.0 )
         Script:   OP_DUP OP_HASH (1dice6DPtUMBpWgv8i4pG8HMjXv9qDJWN) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    100000000 ( 1.0 )
         Script:   OP_DUP OP_HASH (1dice5wwEZT2u6ESAdUGG6MHgCpbQqZiy) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    15215213996 ( 152.15213996 )
         Script:   OP_DUP OP_HASH (1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ) OP_EQUAL OP_CHECKSIG

Code:
Transaction:
   TxHash:    47bfb18624d0f1ed09e895fe427dcd9a3cef709d92ccedd48528b7774e8f7e23 (BE)
   Version:   1
   nInputs:   15
   nOutputs:  9
   LockTime:  0
   Inputs:
      PyTxIn:
         PrevTxHash: e7b58ff78217d9c2dbf1241caf5fe4fcd92e0d2513377a172fd045549fcdc98f (BE)
         TxOutIndex: 0
         Script:     (00493046022100c9f4ebda0ef6a9cdfbec47395f6f9003db03fa6a1e988f6cf6)
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 73ed5c2ebb46b065ce60e8032dbb302ca35844a422efe97c4e51a899b0f7b5d4 (BE)
         TxOutIndex: 0
         Script:     (483045022100eed323557e4c64468bbc6ea29127d7cc32174040abb1fad80e6f)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 7b22d93449f68c77e983e3293a9f7e2ff1d168cd38fe583e59fcb9f48920c2ee (BE)
         TxOutIndex: 0
         Script:     (47304402200b219204a17742c08b33f010273d8587d92e4250b785c20c202ada)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 3b3d950b16804433a6c51ee20b7f2cbf960c29d4f4f807d4401cf7ecbd129b5d (BE)
         TxOutIndex: 0
         Script:     (483045022100fb3c5b09df5f7ee08fd67a48f100bab72b98caca0627d38f27c5)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 0f2e75cd762a29e99833cd74cfb0146e8e0c9da154c28e3fe3f93b4ae07fb6ff (BE)
         TxOutIndex: 0
         Script:     (493046022100ef1b39f1c8e9a9cfea3078a9b84b14aa28e767f8d68e4f0350e1)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: d4bb36bc35374261d09fa9f1b32c30be42eeb7a1b6e065ad49f69ca90f82c9e3 (BE)
         TxOutIndex: 0
         Script:     (483045022048cdb8f317f34cd1ed2aa0f70233ed900ba09b530b7c45fb1756bd)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 673523e82a5522e43495806675fd55827551d19967717de7614a7cb1604ae11c (BE)
         TxOutIndex: 0
         Script:     (483045022100aac3d77c8aea7226d4ce907f3545d1c45dfa3b0e0218679a52df)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: d28f2ab759e302242c3364e2b3942b4f8726db582305df80deb5933ede6cb3ec (BE)
         TxOutIndex: 0
         Script:     (47304402201d26918c38b1200b3b8e3902fdc91ad0adc578b6d5cda1f30c94a7)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: b43aed06284a97a1977bc6f5f523e175dae220a7e3ea2bae79350279df2e396d (BE)
         TxOutIndex: 0
         Script:     (493046022100d461c1df9eb08a237f7fac396ed5ff4497ed2a6019b00a10b282)
         Sender:     1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: b593b0e4f026f0fa384dc821ffe4a70f567f55696ff509f4b0fa7e148b354815 (BE)
         TxOutIndex: 0
         Script:     (493046022100f35d2b1e7a695df93402d3dcdce356bc0e6d510d2fc437726508)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 747969dcc31ea6c3ed01bf7a1c970d50d7dacb885068f8e03b464a5abdfa5e44 (BE)
         TxOutIndex: 0
         Script:     (4730440220704b975e73a8ceb2cff37580ea867a7a792b61b3762bae34092237)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: e15cddae2f36bbf27045bba9aa0eede24e30e733a83bb4a2214d31a74731cdbd (BE)
         TxOutIndex: 0
         Script:     (47304402205be446e867d43b884756217bc6e1bd414354ad7d1ffbb6ae0b9f51)
         Sender:     1MxgyKiKiHEemMUTJuq9NAbjmhKnUL5Ric
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 3865e1176077e06eca8089bcc49691d22c285a7499564723041104baff1de558 (BE)
         TxOutIndex: 8
         Script:     (48304502206cedfbaf681a98c827445ef33851154dc16dda797a906cd2732e3e)
         Sender:     1Di6ux3CQBNXCZLD76BsnYWDo6XnFGzQah
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 204f7599883588e752578988bc43cb7572010ecd25fe8a34dba7ffdaadf592db (BE)
         TxOutIndex: 8
         Script:     (493046022100d2e46f587078fd6de62172908b5eb2962ea64dae3b6eb96e0a3e)
         Sender:     1Di6ux3CQBNXCZLD76BsnYWDo6XnFGzQah
         Seq:        4294967295
      PyTxIn:
         PrevTxHash: 30a8ed895212e2f7f18e67526ae37fbbdf9562017892f79ff8459226be627994 (BE)
         TxOutIndex: 8
         Script:     (493046022100bc7b0681e2ba82ad4f89e83fd21e1a94c6fb402de13cea22fb55)
         Sender:     1A3z7M6GhpUejQ5eqgSyjVWRuezeepdKKV
         Seq:        4294967295
   Outputs:
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice97ECuByXAvqXpaYzSaQuPVvrtmz6) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice8EMZmqKvrGE4Qc9bUFf9PX3xaYDp) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    25000000000 ( 250.0 )
         Script:   OP_DUP OP_HASH (1dice7W2AicHosf5EL3GFDUVga7TgtPFn) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    10000000000 ( 100.0 )
         Script:   OP_DUP OP_HASH (1dice7fUkz5h4z2wPc1wLMPWgB5mDwKDx) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    5000000000 ( 50.0 )
         Script:   OP_DUP OP_HASH (1dice7EYzJag7SxkdKXLr8Jn14WUb3Cf1) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    1000000000 ( 10.0 )
         Script:   OP_DUP OP_HASH (1dice6YgEVBf88erBFra9BHf6ZMoyvG88) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    200000000 ( 2.0 )
         Script:   OP_DUP OP_HASH (1dice6DPtUMBpWgv8i4pG8HMjXv9qDJWN) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    100000000 ( 1.0 )
         Script:   OP_DUP OP_HASH (1dice5wwEZT2u6ESAdUGG6MHgCpbQqZiy) OP_EQUAL OP_CHECKSIG
      TxOut:
         Value:    15215213996 ( 152.15213996 )
         Script:   OP_DUP OP_HASH (1EP4rM8hLZCRSWPNZDWJp9zdvmoWYkkgbQ) OP_EQUAL OP_CHECKSIG

hero member
Activity: 743
Merit: 500
something is wrong to many double spend addresses
https://blockchain.info/double-spends
legendary
Activity: 1526
Merit: 1134
I turns out the issue is that Inaba excluded 1dice transactions from the memorypool on his node due to some crashing issue. I'm not sure if he realized this opens SD to double spends or not, but at any rate, it's not deliberate collusion so actually exploiting it is difficult.

Edit: the issue was apparently fixed and it was actually a deadlock, not a crash.

This is one aspect of using fixed addresses I suspect fireduck did not consider. Using static addresses like that not only makes his books entirely open, but allows people to selectively exclude his traffic. I'm not sure what the crash issue was, but if it wasn't possible to isolate his transactions there may have been more motivation to find a real fix.
full member
Activity: 125
Merit: 100
Is it possible to send a tx that wouldn't normally relay to a node, but still get it accepted into the nodes memory pool? I thought the code did not allow that, but maybe I'm wrong.

Well if the tx was accepted by the pool in the first place it would have to be running some custom software.  I assume it would try and relay it normally but it would only be accepted by peers that were following the same relaxed rules as itself.  I have played with nonstandard transactions in the past sending them through Eligius to get mined and it does seem that though they are accepted and eventually end up in a block that I do not see them get propagated very far elsewhere on the network before being mined.  I assume that it would work fairly similarly for transactions with fees below minimum.
Pages:
Jump to: