Wow, ouch. Can you point me to further reading on how this is possible?
I'm sure if you do some internet searching you can find the exact technical information (hint: DER encoding for ECDSA).
Topic: Why are transaction malleable in the first place? - page 2. (Read 3248 times)
I'm sure if you do some internet searching you can find the exact technical information (hint: DER encoding for ECDSA).
Every tx is signed - the problem is the signature itself (which is considered part of the transaction for the purposes of the tx hash which is what identifies it). Unfortunately it is possible to change a signature (slightly) without invalidating it.
Wow, ouch. Can you point me to further reading on how this is possible?
Dumb question, but why is it possible to change somebody else's transaction in any way? Shouldn't the entire contents of the transaction be signed in some way?
Every tx is signed - the problem is the signature itself (which is considered part of the transaction for the purposes of the tx hash which is what identifies it). Unfortunately it is possible to change a signature (slightly) without invalidating it.
Think of it like the number 42 being also able to be represented as 42.0 (same number but the representation is slightly different).
From what I gather the latest release of Bitcoin should now only accept a specific format of the signature which should stop the current (annoying but not causing loss of funds) attack vector.
Dumb question, but why is it possible to change somebody else's transaction in any way? Shouldn't the entire contents of the transaction be signed in some way?
Jump to: