What is the best way to handle malleable transactions?

vineyard

hero member

Activity: 546

Merit: 500

EOS Auctions

Quote from: fbueller on February 19, 2014, 10:06:30 AM

I'm using blocknotify to scan all transactions in a block for transactions paying to addresses I care about. I then log the txid/vout/address it was sent to. These are funding multsig addresses in my case.
It also checks if the inputs in the new blocks transactions are known about, gathered by the above process. These would be payments leaving the multisig address.

By parsing blocks for transactions (blocknotify) instead of just learning about a new transaction (walletnotify) at least the transaction has one confirmation. This avoids the malleability issue altogether.

I think we are doing the same thing. I use walletnotify and disregard transactions with 0 confirms (walletnotify executes the callback both at the time a new transaction is accepted by a node on the network and then again when the transaction has 1 confirm). When I am notified of a transaction with 1 confirm, I see if I have it in my database. This is the easy case when the transaction ID was not altered. If I do not recognize the TXID, then I try to match it up against transactions I have created in my database that have yet to be confirmed once.

limpybud

newbie

Activity: 10

Merit: 0

I have recently joined this community and this post is luckily answer to one of the questions I was concerned about

fbueller

sr. member

Activity: 412

Merit: 286

I'm using blocknotify to scan all transactions in a block for transactions paying to addresses I care about. I then log the txid/vout/address it was sent to. These are funding multsig addresses in my case.
It also checks if the inputs in the new blocks transactions are known about, gathered by the above process. These would be payments leaving the multisig address.

By parsing blocks for transactions (blocknotify) instead of just learning about a new transaction (walletnotify) at least the transaction has one confirmation. This avoids the malleability issue altogether.

vineyard

hero member

Activity: 546

Merit: 500

EOS Auctions

Quote from: halcyon on February 18, 2014, 02:59:09 PM

look at the github releases of the bitcoin developers Wink

I have rummaged around and found 2 techniques. The first is to embed some message in the transaction itself that can help you identify it later on. This is kind of frowned on because it creates "blockchain spam". The second is what I think is the best so far is to simply match VINs and VOUTs of unknown transactions on addresses you care about to your own recorded data. Just wondering if there is a third way (or a fourth)?

halcyon

member

Activity: 70

Merit: 10

look at the github releases of the bitcoin developers Wink

vineyard

hero member

Activity: 546

Merit: 500

EOS Auctions

Because the current Bitcoin protocol allows for malleable transactions, the TXID which is a hash of the certain portions of the transaction cannot be used to uniquely identify a transaction. Supposedly, this is the problem MtGox and others ran into recently. One way to handle malleable transactions is to listen to the Bitcoin network for any transactions associated with Bitcoin addresses you care about. If you see a transaction with an TXID that you don't know about, look back into the transactions that you did create and try to match the VINs and VOUTs (since these cannot be changed in a malleable transaction). Does anyone else have a better way of dealing with this?

Topic: What is the best way to handle malleable transactions? (Read 1432 times)