Bitcoin Forum
November 03, 2024, 06:53:03 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3] 4 »  All
  Print  
Author Topic: Bitcoin maleabity attack - who made it and is it still running?  (Read 3849 times)
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1617
Merit: 1012



View Profile
October 09, 2015, 02:11:11 AM
 #41

From what I can see, it's somebody who is out to destroy bitcoin. What is there to gain by carrying out the attack only to cause inconvenience to the users.

I am not sure if he is out to destroy Bitcoin. If anything there is benefit out of all this - many noobs who did not understand what the malleability attack was prior to this now do. For most systems it is not too difficult to build countermeasures against this. Of course, if someone's system depends on the abitlity to react instantly to unconfirmed transactions the moment it sees them ... well then it is their stupidity.
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 09, 2015, 04:46:03 AM
 #42

you are right, seems BTC is loosing decentralization
but that just means... nothing can be decentralised for real

Only primitive organisms. Worms for example.
Ants have primitive centralization. They can build an anthill.
People can work in fully centralized community. They are launching rockets to Mars.

BTC lost  its decentralization when some smart guy decided to mine on his video card and another clever guy organized a pool.
TooDumbForBitcoin
Legendary
*
Offline Offline

Activity: 1638
Merit: 1001



View Profile
October 09, 2015, 08:56:29 AM
 #43



I've called for assistance several times in identifying the origin of a list of lowS violating transactions in order to help speed deployment of this, but it seems that the Bitcoin community is a lot more interested in whining and throwing blame then stepping up and doing a little bit of the non-development work needed to get this deployed. Sad

Altruism is centralized - who knew?



▄▄                                  ▄▄
 ███▄                            ▄███
  ██████                      ██████
   ███████                  ███████
    ███████                ███████
     ███████              ███████
      ███████            ███████
       ███████▄▄      ▄▄███████
        ██████████████████████
         ████████████████████
          ██████████████████
           ████████████████
            ██████████████
             ███████████
              █████████
               ███████
                █████
                 ██
                  █
veil|     PRIVACY    
     WITHOUT COMPROMISE.      
▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂
|   NO ICO. NO PREMINE. 
   X16RT GPU Mining. Fair distribution.  
|      The first Zerocoin-based Cryptocurrency      
   WITH ALWAYS-ON PRIVACY.  
|



                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌




   ▄███████
   ████████
   ███▀
   ███
██████████
██████████
   ███
   ███
   ███
   ███
   ███
   ███




     ▄▄█▀▀ ▄▄▄▄▄▄▄▄ ▀▀█▄▄
   ▐██▄▄██████████████▄▄██▌
   ████████████████████████
  ▐████████████████████████▌
  ███████▀▀▀██████▀▀▀███████
 ▐██████     ████     ██████▌
 ███████     ████     ███████
▐████████▄▄▄██████▄▄▄████████▌
▐████████████████████████████▌
 █████▄▄▀▀▀▀██████▀▀▀▀▄▄█████
  ▀▀██████          ██████▀▀
      ▀▀▀            ▀▀▀
TooDumbForBitcoin
Legendary
*
Offline Offline

Activity: 1638
Merit: 1001



View Profile
October 09, 2015, 09:11:44 AM
 #44


People can work in fully centralized community. They are launching rockets to Mars.


If I may use an unfortunate term (or two), the decentralization of space exploration is literally exploding.



▄▄                                  ▄▄
 ███▄                            ▄███
  ██████                      ██████
   ███████                  ███████
    ███████                ███████
     ███████              ███████
      ███████            ███████
       ███████▄▄      ▄▄███████
        ██████████████████████
         ████████████████████
          ██████████████████
           ████████████████
            ██████████████
             ███████████
              █████████
               ███████
                █████
                 ██
                  █
veil|     PRIVACY    
     WITHOUT COMPROMISE.      
▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂
|   NO ICO. NO PREMINE. 
   X16RT GPU Mining. Fair distribution.  
|      The first Zerocoin-based Cryptocurrency      
   WITH ALWAYS-ON PRIVACY.  
|



                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌




   ▄███████
   ████████
   ███▀
   ███
██████████
██████████
   ███
   ███
   ███
   ███
   ███
   ███




     ▄▄█▀▀ ▄▄▄▄▄▄▄▄ ▀▀█▄▄
   ▐██▄▄██████████████▄▄██▌
   ████████████████████████
  ▐████████████████████████▌
  ███████▀▀▀██████▀▀▀███████
 ▐██████     ████     ██████▌
 ███████     ████     ███████
▐████████▄▄▄██████▄▄▄████████▌
▐████████████████████████████▌
 █████▄▄▀▀▀▀██████▀▀▀▀▄▄█████
  ▀▀██████          ██████▀▀
      ▀▀▀            ▀▀▀
neoneros
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250


I can draw your avatar!


View Profile WWW
October 09, 2015, 11:46:58 AM
 #45

you are right, seems BTC is loosing decentralization
but that just means... nothing can be decentralised for real

Only primitive organisms. Worms for example.
Ants have primitive centralization. They can build an anthill.
People can work in fully centralized community. They are launching rockets to Mars.

BTC lost  its decentralization when some smart guy decided to mine on his video card and another clever guy organized a pool.


The development of bitcoin was never decentralised, looking at it from a wider angle, the blockchain itself is a centralised system(the blockchain) on which we entrust the bitcoin economy. The meaning of decentralisation is that there is not a single entity but the blockchain itself, until there is someone who can make and overtake a mining rig so powerfull it will mine all the remaining blocks and will not share the technology.

This will however result in a non trustworthy blockchain and the whole thing crumbles before the one investing so hard to gain control will have the biggest loss. "Now you're king of the mountain, but it's all garbage!"

Perlover
Full Member
***
Offline Offline

Activity: 162
Merit: 109


View Profile
October 09, 2015, 11:59:17 AM
 #46

Now i did a payment to myself by Mycelium 2.5.2
After transaction was made, after 1 minute i tried to send new transaction (parent transaction had 0-confirmation). Mycelium allows to send transaction based on 0-confirmed.
But Mycelium could not send a new transaction - "transaction was declined by network"

I think for 1 minute (because blockchain.info & tradeblock.com shows to me different cashes of my first (parent) transaction) while i did new payment in this time anybody changed my transaction and some miners got other and inputs of second transaction after this referered to invalid TxID.

I think this type of attack affects user wallets too - if wallet software can spend unconfirmed outputs (Mycelium, Breadwallet, Electrum and etc.). And user can think that payment was not sent but some peers got normal valid transsacion, other got invalid... It's not good news for bitcoin users.
Perlover
Full Member
***
Offline Offline

Activity: 162
Merit: 109


View Profile
October 09, 2015, 12:08:47 PM
 #47

I think anybody monitors only transactions which have only 0-confirmed parent transactions, and then they change its and rebroadcast.
After many wallets affected to this when user try to send new transaction based on 0-confirmed old transactions - a wallet software make new transaction from itself TxIDs, but network knows about other TxIDs...
Sad
Perlover
Full Member
***
Offline Offline

Activity: 162
Merit: 109


View Profile
October 09, 2015, 12:41:03 PM
 #48

And by this attack affected mining pools - some pools got transactions outputs of which valid but other ones. So after this attack all chains of 0-confirmed transaction very very slowly propogated through bitcoin network Sad I send valid fine fee transactions but they are not confirmed a long time Sad - somebody changed iut and rebroadcasted with other TxID Sad
As i understand should BIP62 help?
twister
Hero Member
*****
Offline Offline

Activity: 672
Merit: 502



View Profile WWW
October 09, 2015, 02:39:23 PM
 #49

you are right, seems BTC is loosing decentralization
but that just means... nothing can be decentralised for real

Only primitive organisms. Worms for example.
Ants have primitive centralization. They can build an anthill.
People can work in fully centralized community. They are launching rockets to Mars.

BTC lost  its decentralization when some smart guy decided to mine on his video card and another clever guy organized a pool.


The development of bitcoin was never decentralised, looking at it from a wider angle, the blockchain itself is a centralised system(the blockchain) on which we entrust the bitcoin economy. The meaning of decentralisation is that there is not a single entity but the blockchain itself, until there is someone who can make and overtake a mining rig so powerfull it will mine all the remaining blocks and will not share the technology.

This will however result in a non trustworthy blockchain and the whole thing crumbles before the one investing so hard to gain control will have the biggest loss. "Now you're king of the mountain, but it's all garbage!"

I disagree with how he expressed his opinion (doing an attack) about the whole Bitcoin getting centralized but I do agree to some extent that he is right, maybe right now it's not the case but in future the bigger pools will completely take control of the mining operation and then they'll make their own rules and that will again result in a non trustworthy blockchain and maybe these stress test are done by them to increase the miner's fee. I don't think this is how Satoshi envisioned the mining to be, I think it was meant to be completely decentralized and people mining from different parts of the world and not just from few mining farms.

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
  ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦   
0.8%-1% House Edge
[/
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
October 09, 2015, 03:49:28 PM
 #50

The problem is that a known bug in the bitcoin protocol has festered for years.  If the "core" developers had been doing their job, this problem would have been fixed long ago.
There are a dozen different malleability vectors in the protocol as originally designed; some are quite useful and important intentional features-- others are not.  Though the harm from malleability is very moderate-- and because of the intentional features and the potential for ordinary double spends, wallets must have basically sane handling for it--, unwanted third party malleability is a nuisance. In Bitcoin Core's wallet the nuisance can be greatly mitigated by setting spendzeroconfchange=0.

Because of it being a nuisance all of vectors for malleability except for one were blocked as non-standard transactions in Bitcoin Core years ago.  The remaining one could not be simply blocked because it requires transactions to confine their signatures to a particular form-- low-S-- and all software was violating before the issue was known.  Because of this applying that final constraint would have blocked almost all transactions on the network-- something not justified for a nuisance level attack. Bitcoin Core changed constrain its own transactions to this form in 2013 but it has taken a long time for other software to update themselves. Fortunately, the final remaining type of malleability was ever so slightly trickier to exploit, so people haven't been doing so at scale. In the meantime a proposal was made, as part of BIP62, for a v3 transaction type where parties creating transactions could opt into the protective behavior if they were recent enough to support it. Unfortunately BIP62 is fairly complex and no one outside of a small group of contributors to Bitcoin Core have cared at all about advancing it.  So we've been breaking up parts of them and applying them to the consensus incrementally (e.g. BIP66).

Current git master Bitcoin Core enforces the requirement for all transactions it relays or mines, once this is in a release and widely deployed it will end this irritation; but it will also block most transactions from small portion of the network on software which is out of date or hasn't been updated to produces anti-malleability-friendly low-S signatures (on the order of 5% of all transactions now; due to ongoing efforts to harass parties to fix their wallet software).

I've called for assistance several times in identifying the origin of a list of lowS violating transactions in order to help speed deployment of this, but it seems that the Bitcoin community is a lot more interested in whining and throwing blame then stepping up and doing a little bit of the non-development work needed to get this deployed. Sad

Thanks for explaining your view on the things gmaxwell. I think this attack can only help bitcoin. Showing if the attack vector is really a problem, pushing the funding of code to go against.

I think the influence on the network is rather small anyway.

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
tl121
Sr. Member
****
Offline Offline

Activity: 278
Merit: 254


View Profile
October 09, 2015, 05:00:23 PM
 #51


Thanks for explaining your view on the things gmaxwell. I think this attack can only help bitcoin. Showing if the attack vector is really a problem, pushing the funding of code to go against.

I think the influence on the network is rather small anyway.

The "test" did a number on my bitcoind + electrum server machine, saturating the CPU completely, with the node falling behind the block chain.  Fortunately, this was easily fixed by changing the config file. I deliberately run a slow processor, so I get a preview of "coming attractions".  Based on ealier "tests" I had surmised that my little Atom based machine would be (barely) able to handle 8 MB blocks running bitcoind. (Electrum server code is hopelessly inefficient and would require a faster processor or more efficient code.)  However, for some reason this new "test" was more effective at consuming my CPU cycles than previous tests.

It strikes me that the developers do not have node performance under control.  Software that runs real-time transaction critical software needs characterization of its performance and how this relates to transaction load, not just average transaction load but also "worst case" transaction load.  This is one of the reasons that I disagree with gmaxwell's response to my earlier post in this thread.  Perhaps there are models, measurements and benchmarks for node performance as a function of a number of parameters, but I haven't seen them.


Meuh6879
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012



View Profile
October 09, 2015, 05:25:26 PM
 #52

It's not good news for bitcoin users.

malleability attack can only work in a tiers payment processor ... NOT with connected wallet to Bitcoin network.
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
October 09, 2015, 05:26:36 PM
 #53

Please explain (or reference an explanation) as to why malleability features would be quite useful.
For example, anyonecanpay sighash flag allows arbitrary parties to add funds to a transaction. It's what makes lighthouse possible, but every time someone updates the transaction the txid changes.

Do you say that this attack pattern became possible because of changes that were implemented into bitcoin to make the lightning network possible?

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
October 09, 2015, 05:33:05 PM
 #54

you are right, seems BTC is loosing decentralization
but that just means... nothing can be decentralised for real

Only primitive organisms. Worms for example.
Ants have primitive centralization. They can build an anthill.
People can work in fully centralized community. They are launching rockets to Mars.

BTC lost  its decentralization when some smart guy decided to mine on his video card and another clever guy organized a pool.


The development of bitcoin was never decentralised, looking at it from a wider angle, the blockchain itself is a centralised system(the blockchain) on which we entrust the bitcoin economy. The meaning of decentralisation is that there is not a single entity but the blockchain itself, until there is someone who can make and overtake a mining rig so powerfull it will mine all the remaining blocks and will not share the technology.

This will however result in a non trustworthy blockchain and the whole thing crumbles before the one investing so hard to gain control will have the biggest loss. "Now you're king of the mountain, but it's all garbage!"

I disagree with how he expressed his opinion (doing an attack) about the whole Bitcoin getting centralized but I do agree to some extent that he is right, maybe right now it's not the case but in future the bigger pools will completely take control of the mining operation and then they'll make their own rules and that will again result in a non trustworthy blockchain and maybe these stress test are done by them to increase the miner's fee. I don't think this is how Satoshi envisioned the mining to be, I think it was meant to be completely decentralized and people mining from different parts of the world and not just from few mining farms.

You mean the big mining companies. The pools that exist are practically only big companies that allow some small miners to take part. But they control the majority of the hashrate anyway.

And yes, they have all the might. Which sounds pretty bad. Some years ago we had a lot of private miners. That is not the case anymore.

Surprisingly satoshi foresaw that. I wonder why he did not see a problem in that. Decentralization is something different of a miner corporation, which we will see for sure.

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3080



View Profile
October 09, 2015, 10:36:32 PM
 #55

Please explain (or reference an explanation) as to why malleability features would be quite useful.
For example, anyonecanpay sighash flag allows arbitrary parties to add funds to a transaction. It's what makes lighthouse possible, but every time someone updates the transaction the txid changes.

Do you say that this attack pattern became possible because of changes that were implemented into bitcoin to make the lightning network possible?

lighthouse

Vires in numeris
Pab
Legendary
*
Offline Offline

Activity: 1862
Merit: 1012


View Profile
October 11, 2015, 02:06:22 PM
 #56

 Explanation you can find in link below,looks like it is kind of hobby for guys who are doing that or mission of his life

http://webonanza.com/2015/10/08/no-you-did-not-break-bitcoin-today/

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
SebastianJu
Legendary
*
Offline Offline

Activity: 2674
Merit: 1083


Legendary Escrow Service - Tip Jar in Profile


View Profile WWW
October 11, 2015, 10:00:35 PM
 #57

Please explain (or reference an explanation) as to why malleability features would be quite useful.
For example, anyonecanpay sighash flag allows arbitrary parties to add funds to a transaction. It's what makes lighthouse possible, but every time someone updates the transaction the txid changes.

Do you say that this attack pattern became possible because of changes that were implemented into bitcoin to make the lightning network possible?

lighthouse

Thanks for the correction...

Please ALWAYS contact me through bitcointalk pm before sending someone coins.
neoneros
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250


I can draw your avatar!


View Profile WWW
October 12, 2015, 07:41:21 AM
 #58

I disagree with how he expressed his opinion (doing an attack) about the whole Bitcoin getting centralized but I do agree to some extent that he is right, maybe right now it's not the case but in future the bigger pools will completely take control of the mining operation and then they'll make their own rules and that will again result in a non trustworthy blockchain and maybe these stress test are done by them to increase the miner's fee. I don't think this is how Satoshi envisioned the mining to be, I think it was meant to be completely decentralized and people mining from different parts of the world and not just from few mining farms.

It would have been better if mining would be non-profit in any other any way than just the sheer joy of running your own decentralised mining rig in your basement, as a hobby and as a means to keep the blockchain alive. You could make it break even, so no profit, but no loss, but it is still the market at work here.
The incentive is money, and that is one that feeds greed, greed is a very mighty thing and hard to control. We always want more, eat all the cake till nothing is left and then franticly search for the last crumbs...

Mining without profit would increase the decentralisation, because it would only interest those who want to invest without any earthly rewards other than recognition and being part of it. But where do you put the coins? How to distribute those? It is stil about the blockchain and the coins. To distribute them evenly around to all wallets available? That would make running the most wallets profitable and take the whole thing askew again.

Trying to manipulate the bitcoin value to keep it non-profitable for miners, but how?

amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1019


View Profile
October 12, 2015, 07:47:04 AM
 #59

Mining without profit
Wat?
neoneros
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250


I can draw your avatar!


View Profile WWW
October 12, 2015, 10:07:20 AM
 #60


Dat!

It is the profit that is centralising the mining towards pools and mega mining rigs. Thus undermining the decentralised nature of the blockchain.

But what is the incentive to mine?
Where does the value of the bitcoin come from if it is not from profit?

It is a flaw(or asset) in human nature to be greedy, so how could we overcome this problem to keep the blockchain decentralised?

Pages: « 1 2 [3] 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!