Bitcoin Forum
July 23, 2017, 04:53:47 PM *
News: Due to BIP91, it would starting now be prudent to require 5 times more confirmations than usual before trusting transactions.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 »  All
  Print  
Author Topic: New transaction malleability attack wave? Another stresstest?  (Read 37281 times)
arnuschky
Hero Member
*****
Offline Offline

Activity: 502


View Profile
October 01, 2015, 07:58:10 PM
 #1

Hey all,

we're seeing a lot of malleated transactions on our nodes. Anyone else?

Tx listed on https://blockchain.info/double-spends are also all malleated (click on links, if marked as "conflicted" blockchain.info has seem two versions of the same* tx).

What's the point? Another stresstest?

* or close enough Smiley
1500828827
Hero Member
*
Offline Offline

Posts: 1500828827

View Profile Personal Message (Offline)

Ignore
1500828827
Reply with quote  #2

1500828827
Report to moderator
1500828827
Hero Member
*
Offline Offline

Posts: 1500828827

View Profile Personal Message (Offline)

Ignore
1500828827
Reply with quote  #2

1500828827
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1500828827
Hero Member
*
Offline Offline

Posts: 1500828827

View Profile Personal Message (Offline)

Ignore
1500828827
Reply with quote  #2

1500828827
Report to moderator
1500828827
Hero Member
*
Offline Offline

Posts: 1500828827

View Profile Personal Message (Offline)

Ignore
1500828827
Reply with quote  #2

1500828827
Report to moderator
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 01, 2015, 10:02:59 PM
 #2

yes
RussianRaibow
Hero Member
*****
Offline Offline

Activity: 630

I AM A SCAMMER


View Profile WWW
October 01, 2015, 11:28:26 PM
 #3

Hey all,

we're seeing a lot of malleated transactions on our nodes. Anyone else?

Tx listed on https://blockchain.info/double-spends are also all malleated (click on links, if marked as "conflicted" blockchain.info has seem two versions of the same* tx).

What's the point? Another stresstest?

* or close enough Smiley

Here is a case of such double-spending - https://bitcointalk.org/index.php?topic=1197096.0

Even after 29 days of broadcast, while one Tx has already got confirmed, another is still hanging in some node's mempool...

https://live.blockcypher.com/btc/tx/07dd024065a6ef12652670618e510503e1af4e0f4d75ddc6f4d2a55f002c9bc0/

I AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMERI AM A SCAMMER
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 04:13:25 AM
 #4

It's strange , i have something very similar....
I do not own a miner or anything but just now i sent some payments though it doesn't show up in my blockchain wallet unless i login. I see two txs to same address of same amount , one confirmed and one not. and there is a incoming tx which is not confirmed and probably double -spent but which is not possible , it was sent using CoinBase...
Anyone knows, what's going on ?
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 02, 2015, 06:22:05 AM
 #5

https://www.reddit.com/r/Bitcoin/comments/3n5zvw/can_someone_help_explain_what_happened_here/
https://www.reddit.com/r/Bitcoin/comments/3n72yq/ongoing_bitcoin_malleability_attack_low_s_high_s/
https://www.reddit.com/r/Bitcoin/comments/3n62l8/bitcoins_stuck_with_blockchaininfo_shared_coin/
http://blog.coinkite.com/post/130318407326/ongoing-bitcoin-malleability-attack-low-s-high

arnuschky
Hero Member
*****
Offline Offline

Activity: 502


View Profile
October 02, 2015, 06:56:07 AM
 #6


Interestingly, it seems that the later transactions (ie, the malleated one, not the original one) that are confirming.
At least in our case.

Can someone confirm this? More importantly, if your transactions are being malleated, which one is confirming?
Yours or the other one?

Some explanation: Malleated transactions face the same difficulty as doublespends: they need to be accepted
by a miner before the original tx (or the miner needs to replace the original tx). The first case isn't very likely,
the second requires the miner to run some non-standard software (Peter Todd's RBF-FSS).

If it's mostly malleated transactions that are confirming, we're facing something new. Either someone is
colluding with miners, or many miners are running RBF-FSS, or there's a bug.
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 07:39:00 AM
 #7

The real problem am facing here because of this is not 0 confirmation but something else...
one incoming tx is pending , which will sooner or later be ok i suppose....
BUT, i sent some coins and now when i open my wallet and check - it shows me two similar tx to same address - one confirmed and one not....
How does it affect me ??





The bitcoins has been deducted twice and am not getting it back i suppose...


any ideas?
arnuschky
Hero Member
*****
Offline Offline

Activity: 502


View Profile
October 02, 2015, 07:49:04 AM
 #8

The real problem am facing here because of this is not 0 confirmation but something else...
one incoming tx is pending , which will sooner or later be ok i suppose....
BUT, i sent some coins and now when i open my wallet and check - it shows me two similar tx to same address - one confirmed and one not....
How does it affect me ??



The bitcoins has been deducted twice and am not getting it back i suppose...

any ideas?

This is the malleability problem: someone is creating copies of transactions that result in the same result but look different to the network (different transaction id).
In your screenshot, you see that both transactions are "doing" the same thing. They are basically the same tx under a different name.
As long as one of the two confirms, you're good. You can ignore the one that does not confirm.

And no, bitcoins aren't deducted twice, don't worry. Only confirmed ones count towards your balance.
Note that your wallet software might be confused and thus show an incorrect balance until the unconfirmed tx is discarded.
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 07:55:39 AM
 #9

The real problem am facing here because of this is not 0 confirmation but something else...
one incoming tx is pending , which will sooner or later be ok i suppose....
BUT, i sent some coins and now when i open my wallet and check - it shows me two similar tx to same address - one confirmed and one not....
How does it affect me ??



The bitcoins has been deducted twice and am not getting it back i suppose...

any ideas?

This is the malleability problem: someone is creating copies of transactions that result in the same result but look different to the network (different transaction id).
In your screenshot, you see that both transactions are "doing" the same thing. They are basically the same tx under a different name.
As long as one of the two confirms, you're good. You can ignore the one that does not confirm.

And no, bitcoins aren't deducted twice, don't worry. Only confirmed ones count towards your balance.
Note that your wallet software might be confused and thus show an incorrect balance until the unconfirmed tx is discarded.

Actually i checked and the balance has been deducted twice , means i will get this btc back once the unconfirmed tx clears? but we can't say it will even clear right Huh Sad

shorena
Legendary
*
Offline Offline

Activity: 1316


ALL escrow is signed! https://keybase.io/verify


View Profile WWW
October 02, 2015, 07:56:35 AM
 #10

-snip-
Actually i checked and the balance has been deducted twice , means i will get this btc back once the unconfirmed tx clears? but we can't say it will even clear right Huh Sad

Well for bitcoin core you could just rescan the wallet, Im not sure how you would do that with... what looks like blockchain.info.

chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 07:59:39 AM
 #11

-snip-
Actually i checked and the balance has been deducted twice , means i will get this btc back once the unconfirmed tx clears? but we can't say it will even clear right Huh Sad

Well for bitcoin core you could just rescan the wallet, Im not sure how you would do that with... what looks like blockchain.info.

yeah that's blockchain.info Undecided

Seems it's finally time i switch to bitcoin core as well..

Hope fully soon it will be ok....

Thanks
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 02, 2015, 08:00:54 AM
 #12

This is the malleability problem: someone is creating copies of transactions

OK. This is not "someone". It is me.
Right now the stress-test is paused. I reserve a right to resume it.
Ask me anything.
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 08:05:13 AM
 #13

This is the malleability problem: someone is creating copies of transactions

OK. This is not "someone". It is me.
Right now the stress-test is paused. I reserve a right to resume it.
Ask me anything.

if it's really you! you owe me some btc Tongue
I mean really , why Huh Undecided
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 02, 2015, 08:10:14 AM
 #14

I mean really , why Huh Undecided
Because I am able to do it.
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 08:24:40 AM
 #15

I mean really , why Huh Undecided
Because I am able to do it.

With Great power comes great responsibility my child...... Wink

PS - all tx removed , got mail by Blockchain.info , incoming one removed , will send it again and duplicate txs also removed... Cheesy Cheesy Cheesy

and yes , duplicate txs had deducted the btc which i got back now Smiley
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 02, 2015, 08:29:26 AM
 #16

With Great power comes great responsibility my child...... Wink
Not in bitcoin world. Responsibility for whom? I do not know you. You do not know me.
There is no third party who can punish me, because I am wrong and you are right.
chronicsky
Legendary
*
Offline Offline

Activity: 1092


Somebody said get a life...so they did


View Profile WWW
October 02, 2015, 08:40:56 AM
 #17

With Great power comes great responsibility my child...... Wink
Not in bitcoin world. Responsibility for whom? I do not know you. You do not know me.
There is no third party who can punish me, because I am wrong and you are right.

well, wateva... Tongue
Do as you like...
basil00
Member
**
Offline Offline

Activity: 60


View Profile
October 02, 2015, 11:00:19 AM
 #18

OK. This is not "someone". It is me.

I am not surprised.  You were my prime suspect. Smiley

This "attack" probably stops spam scripts that generate long chains of unconfirmed txs.  It might actually be a good thing to leave this running.
amaclin
Legendary
*
Offline Offline

Activity: 1246


View Profile
October 02, 2015, 11:14:19 AM
 #19

This "attack" probably stops spam scripts that generate long chains of unconfirmed txs.
The main word is "probably".
Spam engine should not broadcast predefined set of transactions, but should monitor all transactions on the network from different nodes and build on-the-fly next transaction on top of previous one received from the peer. Splitting the "chain" to a "binary tree" just adds more fun Smiley

Better way to stop spam is to malle spammer chain txs on mining pool.

Quote
It might actually be a good thing to leave this running.
I do not think so. I do not see any benefits for me running it. Today.
basil00
Member
**
Offline Offline

Activity: 60


View Profile
October 02, 2015, 11:25:52 AM
 #20

Splitting the "chain" to a "binary tree" just adds more fun Smiley

This is also the correct way to do it.

Quote
I do not see any benefits for me running it.

Perhaps to remind the community not to rely on chains of unconfirmed txs.

Btw, I wonder if it is possible to design scripts immune to this attack, e.g.

Code:
OP_SIZE 73 OP_EQUALVERIFY <pubKey> OP_CHECKSIG

The wallet software needs to "mine" a 73byte sig (not very hard).
The malleated sig is always 1 byte bigger, so cannot be used.
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!