Bitcoin Forum

Hi,

When a person transfers BTC, what information is transferred on the network. Someone who listens to the network can access what data. I'm curious about security.

Bitcoin transactions are transferred through a hex string that contains the transaction information. The hex string is signed with the private key of the address that has the coin.

It is not possible for people to steal Bitcoins through MITM attack. The raw transaction does not contain any sensitive information that would allow one to steal your Bitcoins.

However, you can be tricked into accepting a payment when it the payment isn't on the actual network. The attacker can isolate you from the Bitcoin network and use Bitcoin on their fork. With this, they can trick you into thinking that you have received payments.

Every transaction relays the following information:

• A 4 byte version number
• A variable length (1 to 9 bytes) integer indicating the number of transaction inputs
• The list of inputs
• A variable length (1 to 9 bytes) integer indicating the number of transaction outputs
• The list of outputs
• A 4 byte lock_time

Each input in the list of inputs contains the following information:

• A 32 byte (SHA256) hash of the transaction that contains the output being spent as an input
• A 4 byte index indicating which output is being spent from that transaction
• A variable length (1 to 9 bytes) integer indicating the length (in bytes) of the scriptSig
• The scriptSig (the proof that you are authorized to spend the output in this input)
• A 4 byte sequence number

Each output in the list of output contains the following information:

• An 8 byte non-negative integer giving the number of Satoshis to be transfered
• A variable length (1 to 9 bytes) integer indicating the length (in bytes) of the scriptPubKey
• The scriptPubKey (a script that describes the proof that MUST later provide in an input if you intend to spend this output)

What security concerns are you curious about?  Perhaps we can explain better if you describe your concerns.

So when you transfer money from one address to another, only that information is being used?




Does my real curiosity really provide anonymity? For example, when I send this message, the data transfer between me and the server is certain. If you do not hide your IP address, this message can be detected very conveniently from my computer. (https://browserleaks.com/)

When transferring money from Bitcoin wallets, is there any information transfer about my computer? Can they find out who owns the transfer address?

The first node(s) that receive the TX do receive the origin IP as well. I think that's about it regarding 'informality about your computer'. There are ways to mitigate this:

• Use a VPN.
• Use TOR.
• Set up your own node and connect your client only to it. Other nodes will only see the origin IP as the IP of your node.

---

All of the above really depends on the wallet that you're using though (it was written as if you were using Bitcoin Core). The origin IP doesn't really give away any important information about you (e.g. you could be connected to a public Wi-Fi network).

---

Minor update as per achow's post: The nodes that you are directly connected to can not know whether the TX originated from your IP or you were just relaying someone else's transaction.

Yes. Only the outputs being spent from and the outputs being created are all that is really used. The outputs being created typically contain the hash of your public key. That is the only way to identify who owns that transaction.

Not easily. The Bitcoin protocol does not contain anything about IP addresses or other computer information relevant to identifying you. There is no need for any of that information. Block explorers who do give that information are both not definitive and only relative to their own nodes (e.g. blockchain.info's "relayed by IP" field in transactions can only show the node that told blockchain.info about the transaction, not the node that sent it).

Since Bitcoin uses a gossip protocol so that every node on the network receives the transaction, the only people who know the IP where the transaction originated from are the nodes that you are directly connected to. Even so, those nodes cannot be sure that you are the originator and not just someone else relaying a transaction that they don't know about yet. The other nodes have to be connected to every single other node on the network (an impossible task) in order to truly determine with certainty that the transaction originated from your node. This kind of attack (called a sybil attack) is very hard to do as it is impossible to know the IP address of every single node on the network and not all nodes will connect to the attacker's node(s)

Even with a sybil attack you can still use IP address hiding techniques such as a VPN or TOR in order to hide your IP address.

This is an important issue you mentioned. Even if they can not steal our bitcoins directly with MITM attack, they can deceive us with different social engineering methods by pretending to have received our payments. We could lose money.

Could you give an example of how such an attack would look? I'm having a hard time imagining how a third party could do harm by pretending it received a payment from me.

@Lauda
@achow101

Thanks for the answers




That's not what I want to say: "how a third party could do harm by pretending it received a payment from me."
That's what I want to say: "they can trick you into thinking that you have received payments"

I wrote this according to ranochigo's message. It is not difficult to produce a scenario if this is possible.

Many things are possible if people are stupid enough to believe you. E.g. this address -> https://blockchain.info/address/1QLbGuc3WGKKKpLs4pBp9H6jiQ2MgPkXRp

is advertised as Bitcoin Magic Doubler including a service thread here -> https://bitcointalk.org/index.php?topic=1357858.0

People send coins to the address and instantly get a transaction "back". This will however never confirm and it in fact only shows on blockchain.info. Which makes people use these inputs to fool others in turn.
-> https://blockchain.info/tx/d83b29b81ad3a2e4d084dd583847cd87d278f3255a9301f74a668479aab13266

And this is what you did say:

---

This message?



Not difficult?

First you need to isolate your victim from the entire internet so they can't see the REAL bitcoin network (without them realizing that you've done this).
Then you need to connect a bitcoin node directly to their bitcoin wallet (without them realizing that you've done this).
Then you need to convince the victim to accept an UNCONFIRMED transaction.
Then you need to get away and avoid being identified once they re-connect to the REAL bitcoin network and discover that the UNCONFIRMED transaction was fake.

That sounds difficult to me.
The victim can avoid this problem by waiting for the transaction to confirm.

If you want to fool a victim into thinking that the transaction has confirmed, you'll need a LOT of hash power.  This will be difficult to acquire and set up, and expensive to run.

---

Another problem which can be avoided by simply waiting for the transaction to CONFIRM.

If you want to accept unconfirmed transactions, then you should take the time to learn how to evaluate the risk associated with a given unconfirmed transaction.

Well, not for the person participating in the "doubler" as they have to send first. For everyone else, yes.

Certainly.  It will always be possible to trick gullible people into sending bitcoins that they shouldn't have.

(such as sending to the "doubler")

But the conversation in this thread was about being fooled into thinking you have received a payment:

I'm new to bitcoin. There's a lot I do not know about Bitcoin.
If theoretically this sentence is correct: "The attacker can isolate you from the Bitcoin network and use Bitcoin on their fork. With this, they can trick you into thinking that you have received payments."
Then it would not be hard to produce scenarios for the attacker. Needless to say, there must be a monetary gain to cover the cost of the attack.
How much does it cost you to carry out such an attack? (to create a technical sub build)

There's a very big difference between "It can be done" and "It would not be hard to do".

If theoretcially this sentence is correct: "A person can acquire the necessary materials and build a nuclear explosive device with a 13 kiloton yield".

It does NOT mean that you can say: "It would not be hard to produce usable scenarios for an attacker".


Typically.


That depends on how you want to do it.  You suggest that scenarios are not difficult.  Suggest a scenario, and we'll see if you and I can realistically estimate the costs together.

It's a simple script. The following are written to give an idea only. I do not feel like doing something like that. Nobody should do anything like that. Defrauding people is something very wrong. You do not have the right to steal anyone's money. It's written just to be a brainstorming. Also, this scenario is also written to get our own security.

We hunt our victims over social media sites. We use female profiles for this. For 3-4 months, we play a game-enthusiastic young girl on facebook. This young girl will be a person interested in bitcoin at the same time. On Steam, you can already buy games with bitcoin. So this young girl will be contacted by players who have knowledge about bitcoin.

This young girl will be our friend, so it's a real profile. The commission will be given to each of the gross proceeds made. Technical infrastructure will be provided by IT specialists friends (network and software). The important thing is that we can have faith and trust. For this, the young girl will sell BTC for 3-4 months. This will not be cheat for 3-4 months. The money issuer will really be sold to BTC.

Victims will be selected from different countries. So different facebook accounts will be created for different countries. The victim will only face to face meeting girls who are our friends. But the meeting will be on the ground we set up. This place will be a place for computer enthusiasts. The whole network infrastructure here will be our control.

The real cheat will begin once you have had enough confidence. People will be defrauded here because they are willing to shop in the place we set up. "The attacker can isolate you from the Bitcoin network and use Bitcoin on their fork. With this, they can trick you into thinking that you have received payments." The infrastructure described here will be prepared. And BTC will be sold in large quantities. People will think that they are receiving BTC payments on the fork bitcoin network. The country will be abandoned after the crash is over.

How much budget is needed for such an attack?

I find it hard to understand the entire concept, perhaps because its a bit wordy. I believe you are trying to say that once trust is gained, you will isolate the victim from the network?

For this to work, you would first, need the victim to connect to the network that the attacker controls.

Lets say the victim trusts the buyer and accepts an unconfirmed transaction. The transaction would only be relayed to the victim's wallet. For it to be valid, the wallet will need to verify the UXTO does indeed exist. The attacker would have to spend that exact UXTO on the real network[to a different address]. Next, the buyer will not check anything and assumes that its okay. Take note, when the buyer walks out and connects to the real internet, he will realise that he was cheated.

The other scenario is when the victim does not trust the buyer and only accepts a confirmed transaction. Everything is almost the same except that someone has to mine a block with that difficulty. The block will not be valid on the real network since the transaction was a double spent. He would still find out that its fake in the end.

Anyone that can do simple math will know why the second method isn't plausible.

You have to come out with an excuse as to why he can't connect to any other places.

Anyone who is sane will require at least a confirmation when dealing with huge amount of Bitcoins, this makes the method less viable.

Only in this scenario will the victim think the process has been verified. All transactions will go through our network. Bitcoin will think he gets paid when he looks at his wallet.

Also the system will work through our DNS addresses. So when he wants to enter the popular sites used for Bitcoin, he will be connected to fork sites. If a site like blockchain.info wants to check the operation, it will appear as if the transaction has been approved because it has logged into our fork site.

The only problem here is that the victim wants to use his own mobile internet. Devices that weaken the mobile signal power can be used. So he will have to use our network.

The wallet will only show a confirmation if a valid block is relayed to it. The UXTO need to exist in the first place for the wallet to acknowledge the transaction. Otherwise, this attack is guaranteed to fail.

Your DNS method may work with some certainty. Phones usually keeps a DNS cache of the website that they have visited before. This means that the phone will not necessarily contact your DNS server. I'm not sure if the browser will throw a warning if the connection gets redirected. This method can only work if the user only relies on the block explorer to check for transactions.

Only if you have enough hash power to solve a block at the current difficulty in a reasonable amount of time. SPV wallets and Full Node wallets will all reject any invalid block you attempt to provide.

If you've got that much hash power, you can make a lot more money actually solving legitimate blocks and broadcasting them instead of solving fake blocks and then throwing the blocks away.

There are many things wrong with this, not to mention the cost of this is insanely high.

First of all, somehow you have to ensure that the victim is connected to the internet only through you. Then you have to hope that they did not change the DNS settings on their devices so that they are using your DNS servers.

Now you need to make transactions, presumably of very large amounts (otherwise this will result in a loss). Because of the large quantities of money being exchanged, those transactions must be confirmed. So, you would have to have enough money to get a large amount of mining equipment so that blocks are produced in a timely manner and are of the correct difficulty. You should assume that a few people will be using laptops and full nodes, these cannot be tricked like SPV nodes, the Proof Of Work must be valid, and that requires a significant amount of mining equipment at the current difficulty.

Now suppose you manage to trick people into this scam and steal their money. They go home, log into their computers, and check their wallets for their new Bitcoin. However, now that they have connected to the real network, they see that they were scammed. Here's the kicker, you had to buy or lease a building, pay for utilities, hire employees, buy equipment, etc. This all leaves a huge paper trail, and quite a bit of that is public record. Now those you scammed are going to go after you with multiple lawsuits and probably also press criminal charges, so you will end up both in jail and lose everything that you have.

Besides the fact that going after you for scamming would be relatively easy, you also have to consider the huge cost of doing this. First you need to lease or buy a building. That can be extremely expensive, and its not like if you can pack up and leave without a trace; there's still a paper trail not in your control. Next you need to get a significant number of mining machines in order to make a valid proof of work, that is going to take several millions of dollars given that the difficulty and thus required hashrate is extremely high.

tl;dr while possible in theory, such a scheme is entirely impossible and impractical in practice.

the only thing that could help you through this is getting them to download and run YOUR version of a bitcoin wallet, that might provide you multiple places where they see the balance because you could control the network that the daemon at their home pc connects to.  in the end you would catch a lot of lawsuits, but the way the law is here at this time you would not catch any criminal charge unless it is tampering with their PC(maybe?).  it is set up here in the USA that if they knowingly transfer BTC to you, whether under false pretenses or not, you are fine.  that is why when you see people on here bitch that they have been scammed out of BTC, they can simply keep whining.  Crypsty got nailed because their site made claims to "Securely store" the commodity of Bitcoin and other alts, thus acting as a class 3 MSB and underclass 4 securities foundation.  if you sucker someone into giving you bitcoins, then they were simply stupid and deserve the loss.  if you tell them, via website or any other communication, that you are "storing", "securing", "holding"(while using the term investment), or "using secure transfer", then those terms, exactly as i just said them, put you in the hands of the SEC and InterSync

I highly doubt that would work as any sane person looking to store a large amount of Bitcoin is going to look for a well reviewed and highly recommended wallet. In fact, there's probably a good chance that they would use a hardware wallet along with the software that the wallet maker recommends so this would be very difficult to pull off.

Wouldn't this kind of scam be considered fraud which is a criminal offence?

This is not that the victim is giving you Bitcoin, but rather they are giving you fiat (or something else) and you are giving them Bitcoin. Except the fraud here is that you are not actually giving them Bitcoin, only making them believe that Bitcoin was sent.

it is true that it would be hard to get them to download your copy of the wallet, BUT, if they are newer to crypto and the chat dialog is going well, it would be pretty easy to sound helpful and when they start talking about trying things out you shoot them a link....obviously something like a google short link or online storage link, so that it appears to not be directly coming from you. 

as far as fraud, no, not unless a direct claim is made in text(chat) or writing to be selling a commodity or to be a licensed commodity trader.  the florida judge nailed alts as commodities and that helps scammers a lot more than if it was still nothing, i love it.  if these guys pulled off the tech end, then this would just be one of those to laugh at the suckers for.  it is literally the same thing, if the chats are worded right, as selling them your own new alt coin.  it is a fork of bitcoin, but that differs from a simple clone very little.  in fact, legally, because Bitcoin, BTC and all the terms that go with it is not a protected, trademarked, or copyrighted thing(open source too!), anyone can fork it, release and distribute their wallet and code, and then point people to a website that can sell them the "BTC", then sending coins to the distributed wallet and they didn't even lie about it.  most people on here would not be too fooled, many would though, and hundreds that are brand new to crypto would buy it up.  look at how many "geniuses" here grabbed handfuls of peercoin, even long term members, based on a two page website that said it would be bought back at 10x the value after the weekend promotion.  i laughed and pointed it out for days and people ate that shit up.  they are quite simply too stupid to stop and there is not a single law to protect them if it is just worded a little carefully