Author

Topic: What is the best way to handle malleable transactions? (Read 1442 times)

hero member
Activity: 546
Merit: 500
EOS Auctions
I'm using blocknotify to scan all transactions in a block for transactions paying to addresses I care about. I then log the txid/vout/address it was sent to. These are funding multsig addresses in my case.
It also checks if the inputs in the new blocks transactions are known about, gathered by the above process. These would be payments leaving the multisig address.

By parsing blocks for transactions (blocknotify) instead of just learning about a new transaction (walletnotify) at least the transaction has one confirmation. This avoids the malleability issue altogether.

I think we are doing the same thing. I use walletnotify and disregard transactions with 0 confirms (walletnotify executes the callback both at the time a new transaction is accepted by a node on the network and then again when the transaction has 1 confirm). When I am notified of a transaction with 1 confirm, I see if I have it in my database. This is the easy case when the transaction ID was not altered. If I do not recognize the TXID, then I try to match it up against transactions I have created in my database that have yet to be confirmed once.
newbie
Activity: 10
Merit: 0
I have recently joined this community and this post is luckily answer to one of the questions I was concerned about
sr. member
Activity: 412
Merit: 287
I'm using blocknotify to scan all transactions in a block for transactions paying to addresses I care about. I then log the txid/vout/address it was sent to. These are funding multsig addresses in my case.
It also checks if the inputs in the new blocks transactions are known about, gathered by the above process. These would be payments leaving the multisig address.

By parsing blocks for transactions (blocknotify) instead of just learning about a new transaction (walletnotify) at least the transaction has one confirmation. This avoids the malleability issue altogether.
hero member
Activity: 546
Merit: 500
EOS Auctions
look at the github releases of the bitcoin developers Wink

I have rummaged around and found 2 techniques. The first is to embed some message in the transaction itself that can help you identify it later on. This is kind of frowned on because it creates "blockchain spam". The second is what I think is the best so far is to simply match VINs and VOUTs of unknown transactions on addresses you care about to your own recorded data. Just wondering if there is a third way (or a fourth)?
member
Activity: 70
Merit: 10
look at the github releases of the bitcoin developers Wink
hero member
Activity: 546
Merit: 500
EOS Auctions
Because the current Bitcoin protocol allows for malleable transactions, the TXID which is a hash of the certain portions of the transaction cannot be used to uniquely identify a transaction. Supposedly, this is the problem MtGox and others ran into recently. One way to handle malleable transactions is to listen to the Bitcoin network for any transactions associated with Bitcoin addresses you care about. If you see a transaction with an TXID that you don't know about, look back into the transactions that you did create and try to match the VINs and VOUTs (since these cannot be changed in a malleable transaction). Does anyone else have a better way of dealing with this?
Jump to: