Topic: [SUCCESS] Double Spend against a satoshidice loss - page 3. (Read 19045 times)
If the proper fee was paid to the miners and the payment is based on confirmed imputs, this type of double spend doesn't work. So, like satoshidice has done, simply check these two things before accepting a 0 confirmation payment. Otherwise wait for 1 confirmation. I'll work on wording this better and presenting it more effectively in the future.
If double spends are really this easy, I can only imagine shady clients that come out in the future that do this automatically . . .
I'm already working on one. Hope to have it working properly in a few months.I actually support this. The sooner people realize this can happen, the sooner people will be educated about the risk of 0 confirmation transactions. I can't technically conceive a way to prevent this, but ideas like green addresses or physical coins could certainly help reduce the risk for people who rely on instant transactions.
If double spends are really this easy, I can only imagine shady clients that come out in the future that do this automatically . . .
I'm already working on one. Hope to have it working properly in a few months.
If double spends are really this easy, I can only imagine shady clients that come out in the future that do this automatically. Obviously someone willing to wait for confirmations will be fine, but how are people going to be expected to wait 10+ minutes at the convenience store for a candy bar purchase?
Is this when green addresses come into play? The convenience store trusts transactions from mtgox addresses not to attempt double spending so they accept a 0 confirmation payment?
Is this when green addresses come into play? The convenience store trusts transactions from mtgox addresses not to attempt double spending so they accept a 0 confirmation payment?
Double-spends have always been possible. That's why we count "confirmations". The number of confirmations reduces the risk of double-spends.
Yes -- 0/1-confirmation double spends are certainly possible. A successful 2-confirmation double-spend would be more interesting. I would love to see if real-network experience matches the theoretical results from Meni's paper. I just want to be clear, because the title is a little inaccurate. A double spend was not achieved. If that were true, then the bitcoin network would be in trouble. This is more of a Finney attack.
Double-spends have always been possible. That's why we count "confirmations". The number of confirmations reduces the risk of double-spends.
I just want to be clear, because the title is a little inaccurate. A double spend was not achieved. If that were true, then the bitcoin network would be in trouble. This is more of a Finney attack.
Um no it is a double spend. A Finney attack is a type of double spend in which the attacker "reverses" a 0-confirm tx by submitting a replacement which is already in a block HE MINED. There is nothing in the OP attack which makes it is a Finney attack.
I just want to be clear, because the title is a little inaccurate. A double spend was not achieved. If that were true, then the bitcoin network would be in trouble. This is more of a Finney attack.
Can this idea be a solution?
In the test code I have just implemented what I call the "Boomerang Rule" - see below:
It enables change to be spendable immediately as long as the transaction propagates through the network ok.
I will spend a little while testing it and then produce another test release (beta) with it in.
It would be very useful if a few people could test it out to make sure it works as expected before I put it into the live code.
It enables change to be spendable immediately as long as the transaction propagates through the network ok.
I will spend a little while testing it and then produce another test release (beta) with it in.
It would be very useful if a few people could test it out to make sure it works as expected before I put it into the live code.
I've set it to allow unconfirmed as long as they have a fee and are based on confirmed inputs.
New rules! I'll test some more tonight.
This should be a pretty reliable method.
1) Create a long chain of unconfirmed transactions (lots of free low priority transactions which depend on each other).
2) Send the final transaction in the chain to SatoshiDICE, including one input which isn't part of the unconfirmed chain. If the bet wins, great, keep rebroadcasting all the transactions in the chain and eventually they will confirm.
3) If the bet looses. Double spend the input from the betting transaction which is not part of the unconfirmed chain.
Because the chain will take a long time to confirm it gives a much larger window of opportunity for miners to pickup the double spending transaction. As miners join and leave the network they are much more likely to pickup the single double spend transaction, rather than the full chain of unconfirmed transactions (which you are no longer broadcasting). This technique was used to successfully double spend the blockchain.info mixer.
1) Create a long chain of unconfirmed transactions (lots of free low priority transactions which depend on each other).
2) Send the final transaction in the chain to SatoshiDICE, including one input which isn't part of the unconfirmed chain. If the bet wins, great, keep rebroadcasting all the transactions in the chain and eventually they will confirm.
3) If the bet looses. Double spend the input from the betting transaction which is not part of the unconfirmed chain.
Because the chain will take a long time to confirm it gives a much larger window of opportunity for miners to pickup the double spending transaction. As miners join and leave the network they are much more likely to pickup the single double spend transaction, rather than the full chain of unconfirmed transactions (which you are no longer broadcasting). This technique was used to successfully double spend the blockchain.info mixer.
Anyone who wants to test double spends is free to try it on the test site:
http://1209k.com/testdice/
I'll be doing some of my own testing.
http://1209k.com/testdice/
I'll be doing some of my own testing.
Thanks to everyone how has been looking at this and reporting their findings.
I tried this earlier this year and couldn't get it to work, but I might have simply not tried hard enough or things have changed.
While I investigate I've set Satoshidice to only allow confirmed bets. I'll bring up our test site and post the url in a little in case anyone wants to use a casino to continue to test this. It has real funds, just not nearly as much.
I tried this earlier this year and couldn't get it to work, but I might have simply not tried hard enough or things have changed.
While I investigate I've set Satoshidice to only allow confirmed bets. I'll bring up our test site and post the url in a little in case anyone wants to use a casino to continue to test this. It has real funds, just not nearly as much.
Another loss I am trying to double spend on
https://blockchain.info/tx/f4c76f4c2f906e08b8f7392285bfc8d5b593378c3e2a1b570887502c05b8f547
http://satoshidice.com/lookup.php?tx=f4c76f4c2f906e08b8f7392285bfc8d5b593378c3e2a1b570887502c05b8f547&limit=100&min_bet=0&status=ALL
Waiting for blockchain.info to pick up the double spend...
Double spend has been broadcast now:
https://blockchain.info/tx/0ddd5d48d880116eac5c361268f3fb5e069c0e059fe6b08f77db9039493de452
Waiting to see which one gets confirmed...
The amount of time this takes almost makes it not worth doing in the first place, then again I'm doing everything manually. I guess a bot could be set up to do this, which would give you an edge over the house even if only 1/4 of the double spends work.
FAILED
EclipseMC included the original transaction without the fee. This seems to be a luck of the draw game depending on who mines the block. Either way I'm done messing with this for now.
https://blockchain.info/tx/f4c76f4c2f906e08b8f7392285bfc8d5b593378c3e2a1b570887502c05b8f547
http://satoshidice.com/lookup.php?tx=f4c76f4c2f906e08b8f7392285bfc8d5b593378c3e2a1b570887502c05b8f547&limit=100&min_bet=0&status=ALL
Waiting for blockchain.info to pick up the double spend...
Double spend has been broadcast now:
https://blockchain.info/tx/0ddd5d48d880116eac5c361268f3fb5e069c0e059fe6b08f77db9039493de452
Waiting to see which one gets confirmed...
The amount of time this takes almost makes it not worth doing in the first place, then again I'm doing everything manually. I guess a bot could be set up to do this, which would give you an edge over the house even if only 1/4 of the double spends work.
FAILED
EclipseMC included the original transaction without the fee. This seems to be a luck of the draw game depending on who mines the block. Either way I'm done messing with this for now.
Wow. Nice. Also, from looking at the timestamps, 10 minutes went by from the unlucky dice roll to the included double spend transaction, if I'm seeing it correctly!
It took ten minutes before the rest of the bitcoin network picked up the double spend apparently, I don't know why, but the same thing happened with my practice round.
Can you provide the transaction IDs? At a minimum, I'm curious which mining pool (if any) was responsible for the block in which this occurred.
OP^^ Another question is, would the transaction with no fees get confirmed at all considering it should have had 0.004BTC in fees?
I will test again, this time seeing how long it takes for a spammy transaction to confirm without fees, if at all.
Wow. Nice. Also, from looking at the timestamps, 10 minutes went by from the unlucky dice roll to the included double spend transaction, if I'm seeing it correctly!
It took ten minutes before the rest of the bitcoin network picked up the double spend apparently, I don't know why, but the same thing happened with my practice round.
Can you provide the transaction IDs? At a minimum, I'm curious which mining pool (if any) was responsible for the block in which this occurred.
Wow. Nice. Also, from looking at the timestamps, 10 minutes went by from the unlucky dice roll to the included double spend transaction, if I'm seeing it correctly!
It took ten minutes before the rest of the bitcoin network picked up the double spend apparently, I don't know why, but the same thing happened with my practice round.
Wow. Nice. Also, from looking at the timestamps, 10 minutes went by from the unlucky dice roll to the included double spend transaction, if I'm seeing it correctly!
Hopefully they get around to patching it to wait before people start abusing this...
Hopefully they get around to patching it to wait before people start abusing this...
Success.
I'm trying again.
Jump to: