Bitcoin Forum
November 12, 2024, 01:05:21 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: Bitcoin maleabity attack - who made it and is it still running?  (Read 3853 times)
GermanGiant
Hero Member
*****
Offline Offline

Activity: 784
Merit: 501



View Profile
October 07, 2015, 09:51:26 PM
 #21

we will never know why and who are attacking it
never say never.
it was me behind this particular stress-test
i am not from bank company and do not work for google
I understand you are a developer, but which industry do you serve as an employee or an employer ?
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 07, 2015, 09:54:56 PM
 #22

I understand you are a developer, but which industry do you serve as an employee or an employer ?
I am a code developer, but my main work is not bitcoin-related. I am employee in small it-company.
Bitcoin technolodgy is a hobby.
BitcoinNewsMagazine
Legendary
*
Offline Offline

Activity: 1806
Merit: 1164



View Profile WWW
October 07, 2015, 10:29:56 PM
 #23

i read somewhere that somebody said its him doing the attack yet i cannot find this post.

so my questio nis - who did this attack and is it still running?

When malleability attack is running you will see this:



Attack ended 10/5 about 10:00 and is not ongoing right now.

HI-TEC99
Legendary
*
Offline Offline

Activity: 2772
Merit: 2846



View Profile
October 07, 2015, 11:36:00 PM
 #24

i read somewhere that somebody said its him doing the attack yet i cannot find this post.

so my questio nis - who did this attack and is it still running?

When malleability attack is running you will see this:



Attack ended 10/5 about 10:00 and is not ongoing right now.

Why is the mempool increasing in size so quickly if the attack is now stopped? It's now 909.7 MB which is the largest size I've ever seen, not that I regularly keep a track of it. It's the largest size in the lat seven days according to tradeblock. Something must be causing it, and it's not unconfirmed transactions this time. I thought its size would reduce after the attack stopped.

gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4270
Merit: 8805



View Profile WWW
October 08, 2015, 01:13:56 AM
 #25

Please explain (or reference an explanation) as to why malleability features would be quite useful.
For example, anyonecanpay sighash flag allows arbitrary parties to add funds to a transaction. It's what makes lighthouse possible, but every time someone updates the transaction the txid changes.

Quote
Also, I would like to understand why people care about old implementations that aren't being actively maintained by people who are following bitcoin.  Please explain why it matters what happens to these old implementations?  Why should you or anyone else waste effort to dig up these issues?
Because they are widely used (or had been historically-- we're getting to the point where .this is less true). Just blocking the transactions for non-trivial amounts of users does not yield a good experience, to say the least. Forcing people to constantly rev their software reduces decentralization-- and who precisely has the authority to go decide what is "old" or "actively maintained"?--if people are happy happy with what they're running, I am not eager to disrupt that.  I am also not eager to try to dictate how often authors of wallet software must revise their software (again, something that would reduce decentralization-- by pushing out development teams with less resources).  As to why you should care and go help move them along: it's cheap to do, and the failure to do so holds the ecosystem back.--- the same reason I've done so.

If you note the patch I linked to, my change was only a few characters--- why? because the code was already written a long time ago... but not activated due to waiting for the ecosystem to catch up; we're ready.
Blawpaw
Legendary
*
Offline Offline

Activity: 1596
Merit: 1027



View Profile
October 08, 2015, 01:23:35 AM
 #26

This has been delaying all the transactions and been the cause for many vendors and other service providers to increase the tx fee.

Does anyone knows or at least has a suspicion on who's responsible for this bug exploit?
tl121
Sr. Member
****
Offline Offline

Activity: 278
Merit: 254


View Profile
October 08, 2015, 02:24:24 AM
 #27

This has been delaying all the transactions and been the cause for many vendors and other service providers to increase the tx fee.

Does anyone knows or at least has a suspicion on who's responsible for this bug exploit?

There is at least one poster on this forum who is claiming credit for this, FWIW.

At this point, years after the bug has been identified, there really isn't much of an excuse for not having plugged this hole.  But then, the philosophy of the so called leaders is not to make and execute any decisions that might inconvenience anyone. In other words, abdicate leadership.  A strong leader has to make decisions and take responsibility for the consequences, including the possibility that people won't follow him and he may have to find a new job or even a new career.

tl121
Sr. Member
****
Offline Offline

Activity: 278
Merit: 254


View Profile
October 08, 2015, 02:37:11 AM
 #28

Please explain (or reference an explanation) as to why malleability features would be quite useful.
For example, anyonecanpay sighash flag allows arbitrary parties to add funds to a transaction. It's what makes lighthouse possible, but every time someone updates the transaction the txid changes.

Quote
Also, I would like to understand why people care about old implementations that aren't being actively maintained by people who are following bitcoin.  Please explain why it matters what happens to these old implementations?  Why should you or anyone else waste effort to dig up these issues?
Because they are widely used (or had been historically-- we're getting to the point where .this is less true). Just blocking the transactions for non-trivial amounts of users does not yield a good experience, to say the least. Forcing people to constantly rev their software reduces decentralization-- and who precisely has the authority to go decide what is "old" or "actively maintained"?--if people are happy happy with what they're running, I am not eager to disrupt that.  I am also not eager to try to dictate how often authors of wallet software must revise their software (again, something that would reduce decentralization-- by pushing out development teams with less resources).  As to why you should care and go help move them along: it's cheap to do, and the failure to do so holds the ecosystem back.--- the same reason I've done so.

If you note the patch I linked to, my change was only a few characters--- why? because the code was already written a long time ago... but not activated due to waiting for the ecosystem to catch up; we're ready.

The problem in your example is not changing some code.  It's an architectural question.  What is the meaning of a "transaction", in other words what is the object that a transaction id references?  Binding time issue.  if there is lack of clarity here, then there is no hope for a clean software design or bug free operation.

Reasonable people running old software have no problem switching to new software.  Anyone who has used computers for more than a few years understands that technology changes and people have to keep up.  It's the way the industry works.  The most these people have a right to expect is a migration path from old software to new software that enables them to keep their coins.




BitcoinNewsMagazine
Legendary
*
Offline Offline

Activity: 1806
Merit: 1164



View Profile WWW
October 08, 2015, 03:46:21 AM
 #29

i read somewhere that somebody said its him doing the attack yet i cannot find this post.

so my questio nis - who did this attack and is it still running?

When malleability attack is running you will see this:



Attack ended 10/5 about 10:00 and is not ongoing right now.

Why is the mempool increasing in size so quickly if the attack is now stopped? It's now 909.7 MB which is the largest size I've ever seen, not that I regularly keep a track of it. It's the largest size in the lat seven days according to tradeblock. Something must be causing it, and it's not unconfirmed transactions this time. I thought its size would reduce after the attack stopped.



Attack seems to be back on and seems to have been predicted by mempool increase:


Amph
Legendary
*
Offline Offline

Activity: 3248
Merit: 1070



View Profile
October 08, 2015, 08:07:26 AM
 #30

This has been delaying all the transactions and been the cause for many vendors and other service providers to increase the tx fee.

Does anyone knows or at least has a suspicion on who's responsible for this bug exploit?

increasing tx fee right, well there must be only one responsable, a miners, it's in their interest to increase the fee at all cost

so i'll not be surprised if they are again the one to blame for this
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 08, 2015, 08:23:25 AM
 #31

Is this a website? Where can I see this graph?
http://statoshi.info/dashboard/db/transactions
right now there is some sort of "turbulence" there.
the reason of "turbulence" is https://bitcointalk.org/index.php?topic=1175321.msg12623681#msg12623681
It seems Coinwallet have cancelled the 'giveaway' and have started consolidating the remaining dust presumably for themselves.  Example tx.  They have not released anymore keys AFAIK.
twister
Hero Member
*****
Offline Offline

Activity: 672
Merit: 502



View Profile WWW
October 08, 2015, 08:29:17 AM
 #32

Is this a website? Where can I see this graph?
http://statoshi.info/dashboard/db/transactions
right now there is some sort of "turbulence" there.
the reason of "turbulence" is https://bitcointalk.org/index.php?topic=1175321.msg12623681#msg12623681
It seems Coinwallet have cancelled the 'giveaway' and have started consolidating the remaining dust presumably for themselves.  Example tx.  They have not released anymore keys AFAIK.

Yeah, something is definitely up, my transactions have been stuck for 2+ hours, they were medium priority which usually takes upto 6 blocks and there have been 10 blocks since then and they still haven't moved, I think they might get stuck for infinity. Sad If only I knew that there's another stress test I would have added extra fee.

Thanks for the link.

What if there is another wave of malleability attack whilst the spam attack is underway, it could really turn things upside down.  Undecided

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
  ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦   
0.8%-1% House Edge
[/
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 08, 2015, 08:36:24 AM
 #33

What if there is another wave of malleability attack whilst the spam attack is underway, it could really turn things upside down.  Undecided
Should we test this case?
I can resume malleability stress-test in any moment
twister
Hero Member
*****
Offline Offline

Activity: 672
Merit: 502



View Profile WWW
October 08, 2015, 08:52:15 AM
 #34

What if there is another wave of malleability attack whilst the spam attack is underway, it could really turn things upside down.  Undecided
Should we test this case?
I can resume malleability stress-test in any moment

Well according to this article, a fix might get pushed soon.

Quote
But Maclin’s window may be closing. A Bitcoin update designed to fix the malleability issue has been in the works for over a year, and the latest attack could be just the spark to light a fire under it.

And until then, you can do whatever you want to do.

On the brighter side of things, all of my transactions just got confirmed. Smiley

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
  ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦   
0.8%-1% House Edge
[/
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 08, 2015, 09:07:04 AM
 #35

Well according to this article, a fix might get pushed soon.
Bitcoin is decentralized. Nobody can "push a fix soon".
Yes, I do understand, that today we have a very small number of miner pools.
And it is quite possible to developer team to communicate with admins and ask them to implement a "small and very good patch" in code.
What does it mean?
This means, that all words about the "real decentralization" have been forgotten.
And the community is under the control by core devs and pool owners.
monsanto
Legendary
*
Offline Offline

Activity: 1241
Merit: 1005


..like bright metal on a sullen ground.


View Profile
October 08, 2015, 10:28:22 AM
 #36

What if there is another wave of malleability attack whilst the spam attack is underway, it could really turn things upside down.  Undecided
Should we test this case?
I can resume malleability stress-test in any moment

Would be an interesting experiment... in the name of science of course  Smiley
knowhow
Hero Member
*****
Offline Offline

Activity: 560
Merit: 500


View Profile
October 08, 2015, 10:17:26 PM
 #37

Soo why not to join the team of bitcoin to clear the bugs and the hole that you looks like you are taking advantage to explore ,would be better clear it instead use it .
BitcoinNewsMagazine
Legendary
*
Offline Offline

Activity: 1806
Merit: 1164



View Profile WWW
October 08, 2015, 10:33:34 PM
Last edit: October 09, 2015, 01:58:21 AM by BitcoinNewsMagazine
 #38

Bitcoin developers are already planning to block the malleability attack with an update that will enforce lowS according to the chat in bitcoin-dev.

forzendiablo (OP)
Legendary
*
Offline Offline

Activity: 1526
Merit: 1000


the grandpa of cryptos


View Profile
October 09, 2015, 01:33:01 AM
 #39

Well according to this article, a fix might get pushed soon.
Bitcoin is decentralized. Nobody can "push a fix soon".
Yes, I do understand, that today we have a very small number of miner pools.
And it is quite possible to developer team to communicate with admins and ask them to implement a "small and very good patch" in code.
What does it mean?
This means, that all words about the "real decentralization" have been forgotten.
And the community is under the control by core devs and pool owners.


you are right, seems BTC is loosing decentralization

but that just means... nothing can be decentralised for real

yolo
Omikifuse
Legendary
*
Offline Offline

Activity: 1848
Merit: 1009



View Profile
October 09, 2015, 01:44:33 AM
 #40

i read somewhere that somebody said its him doing the attack yet i cannot find this post.

so my questio nis - who did this attack and is it still running?

marcotheminer said something about maleability issues with the bot that affected some users from the bit-x campaign.

I thought the problem has been solved long ago after the Gox thing Huh
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!