biggbox (OP)
|
|
October 04, 2015, 02:52:26 AM |
|
I have one incoming transaction record that mysteriously disappeared. I am certain it was there 5 hours ago. The coin amount doesn't tally.
Was I dreaming?
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
biggbox (OP)
|
|
October 04, 2015, 02:56:03 AM |
|
Okay. I read around and there are those who said they received a DOUBLE SPEND warning from the same provider. Is that a concern?
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
biggbox (OP)
|
|
October 04, 2015, 03:09:01 AM |
|
I checked the transaction record in question, blockchain says "Warning! this transaction is a double spend. You should be extremely careful when trusting any transactions to/from this sender. " So it is technically possible to withdraw and undo your coins?
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
October 04, 2015, 03:18:30 AM |
|
The Coinkite blog article here explains what is going on and how to proceed safely. The person who claimed responsibility for the malleability attack is a character named amaclin on this forum see this thread.
|
|
|
|
biggbox (OP)
|
|
October 04, 2015, 03:24:39 AM |
|
The Coinkite blog article here explains what is going on and how to proceed safely. The person who claimed responsibility for the malleability attack is a character named amaclin on this forum see this thread. Thank you! How did he do it I wonder. But anyway, the key message in that blog is: Over the last 24-48 hours, we’ve noticed a number of our customer’s transactions modified and rebroadcast with a new transaction number. This attack is being applied to almost all transactions on the network and is not targeted at Coinkite or our users.
This is a nuisance only and does not put your funds at risk. - Peter, CTO
The modification that’s being made to the transactions is well understood and isn’t new: it is a simple numeric tweak to one number (S) in the ECDSA signature. It’s documented as part of BIP62 and is called the “low S” requirement. Coinkite always uses the lower S value, but these pranksters have been replacing that with the higher S value.
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
JeWay
|
|
October 04, 2015, 03:40:49 AM |
|
The Coinkite blog article here explains what is going on and how to proceed safely. The person who claimed responsibility for the malleability attack is a character named amaclin on this forum see this thread. Thank you! How did he do it I wonder. But anyway, the key message in that blog is: Over the last 24-48 hours, we’ve noticed a number of our customer’s transactions modified and rebroadcast with a new transaction number. This attack is being applied to almost all transactions on the network and is not targeted at Coinkite or our users.
This is a nuisance only and does not put your funds at risk. - Peter, CTO
The modification that’s being made to the transactions is well understood and isn’t new: it is a simple numeric tweak to one number (S) in the ECDSA signature. It’s documented as part of BIP62 and is called the “low S” requirement. Coinkite always uses the lower S value, but these pranksters have been replacing that with the higher S value.
Exactly, your funds is not at risk as long as you receive the transaction for free. But if you give(sell) something to the same sender, you have to be careful. Because he can just do a Double Spend to the transaction, so make sure that the sender send the Bitcoin first.
|
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
October 04, 2015, 03:47:33 AM |
|
It is more than just a nuisance. One user has already reported that the malleability attack disabled his online myTrezor.com wallet: he was unable to spend from the wallet and had to restore from seed to a different wallet.
|
|
|
|
biggbox (OP)
|
|
October 04, 2015, 05:02:28 AM |
|
It is more than just a nuisance. One user has already reported that the malleability attack disabled his online myTrezor.com wallet: he was unable to spend from the wallet and had to restore from seed to a different wallet.
Do you think the attack is a random occurrence on any particular organisation or wallet address? Or simply it was a random net casting which implicated a random pool of users? I thought I saw my coin balance jumping.
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
October 04, 2015, 08:25:04 AM |
|
It is more than just a nuisance. One user has already reported that the malleability attack disabled his online myTrezor.com wallet: he was unable to spend from the wallet and had to restore from seed to a different wallet.
Do you think the attack is a random occurrence on any particular organisation or wallet address? Or simply it was a random net casting which implicated a random pool of users? I thought I saw my coin balance jumping. The person behind this is open for question in the thread linked above. Their answer to "why?" was "because I can."
|
Im not really here, its just your imagination.
|
|
|
Falchion
Newbie
Offline
Activity: 14
Merit: 0
|
|
October 04, 2015, 08:38:46 AM |
|
hello, just a question if i may, (i am still learning the ropes) - an address flagged with "double spend" message, can it still receive payments?
|
|
|
|
dothebeats
Legendary
Offline
Activity: 3766
Merit: 1354
|
|
October 04, 2015, 08:52:28 AM |
|
hello, just a question if i may, (i am still learning the ropes) - an address flagged with "double spend" message, can it still receive payments?
It can still receive payments, it's just that a single transaction or some transactions are affected by some sort of double-spend attempt.
|
|
|
|
Falchion
Newbie
Offline
Activity: 14
Merit: 0
|
|
October 04, 2015, 09:01:38 AM |
|
hello, just a question if i may, (i am still learning the ropes) - an address flagged with "double spend" message, can it still receive payments?
It can still receive payments, it's just that a single transaction or some transactions are affected by some sort of double-spend attempt. thanks for reply, it was a good address have to start all over again i guess
|
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
October 04, 2015, 09:03:16 AM |
|
hello, just a question if i may, (i am still learning the ropes) - an address flagged with "double spend" message, can it still receive payments?
It can still receive payments, it's just that a single transaction or some transactions are affected by some sort of double-spend attempt. thanks for reply, it was a good address have to start all over again i guess What? No, a double spend flag is just something some services, like blockchain.info do. It does not influence your address or anything you do as dothebeats said above. There is no need to "start all over again".
|
Im not really here, its just your imagination.
|
|
|
biggbox (OP)
|
|
October 04, 2015, 09:08:07 AM |
|
My wallet containing that address is now taking an awfully long time to sync. Is that what the attacker hope to achieve? Delay transactions?
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
October 04, 2015, 09:12:15 AM |
|
My wallet containing that address is now taking an awfully long time to sync. Is that what the attacker hope to achieve? Delay transactions?
No, they just do it out of curiosity and do not care if it is an inconvenience for others.
|
Im not really here, its just your imagination.
|
|
|
biggbox (OP)
|
|
October 04, 2015, 09:16:15 AM |
|
It is more than just a nuisance. One user has already reported that the malleability attack disabled his online myTrezor.com wallet: he was unable to spend from the wallet and had to restore from seed to a different wallet.
When u say 'disabled', does it means his wallet is taking a long time to sync?
|
1Cr9iLWm2dSGH8259VQd2wDzpkR63jGVjW
|
|
|
BitcoinNewsMagazine
Legendary
Offline
Activity: 1806
Merit: 1164
|
|
October 04, 2015, 02:23:49 PM |
|
It is more than just a nuisance. One user has already reported that the malleability attack disabled his online myTrezor.com wallet: he was unable to spend from the wallet and had to restore from seed to a different wallet.
When u say 'disabled', does it means his wallet is taking a long time to sync? He said he was unable to send bitcoin from the wallet.
|
|
|
|
Falchion
Newbie
Offline
Activity: 14
Merit: 0
|
|
October 05, 2015, 07:43:39 AM |
|
hello, just a question if i may, (i am still learning the ropes) - an address flagged with "double spend" message, can it still receive payments?
It can still receive payments, it's just that a single transaction or some transactions are affected by some sort of double-spend attempt. thanks for reply, it was a good address have to start all over again i guess What? No, a double spend flag is just something some services, like blockchain.info do. It does not influence your address or anything you do as dothebeats said above. There is no need to "start all over again". ok, thanks shorena, sure glad my address in not fubar. if i miss posts, i am still trying to get used to it, but you all rock. this is the right place to learn about the bitcoin!
|
|
|
|
|