Bitcoin Forum
April 27, 2015, 12:03:35 PM *
News: Latest stable version of Bitcoin Core: 0.10.0 [Torrent]
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 »  All
  Print  
Author Topic: A successful DOUBLE SPEND US$10000 against OKPAY this morning.  (Read 88213 times)
macbook-air
Full Member
***
Offline Offline

Activity: 173


View Profile WWW

Ignore
March 12, 2013, 06:22:02 PM
 #1

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.

1430136215
Hero Member
*
Offline Offline

Posts: 1430136215

View Profile Personal Message (Offline)

Ignore
1430136215
Reply with quote  #2

1430136215
Report to moderator
1430136215
Hero Member
*
Offline Offline

Posts: 1430136215

View Profile Personal Message (Offline)

Ignore
1430136215
Reply with quote  #2

1430136215
Report to moderator
coin palaceHE MADE HIS OWN BTC CASINO WITH BLACKJACK  CLICK HERE!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1430136215
Hero Member
*
Offline Offline

Posts: 1430136215

View Profile Personal Message (Offline)

Ignore
1430136215
Reply with quote  #2

1430136215
Report to moderator
1430136215
Hero Member
*
Offline Offline

Posts: 1430136215

View Profile Personal Message (Offline)

Ignore
1430136215
Reply with quote  #2

1430136215
Report to moderator
Jan
Legendary
*
Offline Offline

Activity: 1041



View Profile

Ignore
March 12, 2013, 06:38:27 PM
 #2

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.
Ouch...

Mycelium let's you hold your private keys private.
bg002h
Donator
Legendary
*
Offline Offline

Activity: 1260


Got GLIPH? https://gli.ph/m *p-d-d


View Profile WWW

Ignore
March 12, 2013, 06:38:59 PM
 #3

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.

Good thing someone honest was the cause of the double spend...

My very own Casascius Bearer Bar: 1GCDzqmX2Cf513E8NeThNHxiYEivU1Chhe
Jan
Legendary
*
Offline Offline

Activity: 1041



View Profile

Ignore
March 12, 2013, 06:42:19 PM
 #4

Here is the tx: http://blockchain.info/tx/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195

Mycelium let's you hold your private keys private.
Elwar
Legendary
*
Online Online

Activity: 1358


www.bitpools.com


View Profile WWW

Ignore
March 12, 2013, 06:47:22 PM
 #5

Ugh...this is worse than we thought.

Is this the first double spend?

http://www.bitpools.com
Pool your bitcoins with others. Vote on solutions using the Bitcoin blockchain. Keep your bitcoins in your cold storage until you find a solution you like.
yokosan
Sr. Member
****
Offline Offline

Activity: 252



View Profile

Ignore
March 12, 2013, 06:51:50 PM
 #6

alir
Member
**
Offline Offline

Activity: 84


Developer


View Profile WWW

Ignore
March 12, 2013, 06:52:54 PM
 #7

Guess they don't owe you anymore.

Largo
Member
**
Offline Offline

Activity: 112



View Profile

Ignore
March 12, 2013, 07:00:44 PM
 #8

Thats why merchants should have stopped accepting bitcoin deposits, at least those handing out some other form of cash instantly.

The problem was that 0.8 clients were thinking they are in the right fork (because that was actually the case before miners switched to 0.7) so it didnt stop the RPC interface like the 0.7 clients did.


Isokivi
Hero Member
*****
Offline Offline

Activity: 882


Items flashing here available at btctrinkets.com


View Profile WWW

Ignore
March 12, 2013, 07:01:52 PM
 #9

Heres a merchant giving 0-fucks about double spends, go for it. www.btctrinkets.com Every single payment goes trough a payment processor (mtgox) and I verify every single payment by hand.

Bitcoin trinkets now on my online store: btc trinkets.com <- Bitcoin Tiepins, cufflinks, lapel pins, keychains, card holders and challenge coins.
etotheipi
Legendary
*
Offline Offline

Activity: 1358


Core Armory Developer


View Profile WWW

Ignore
March 12, 2013, 07:04:49 PM
 #10

Any guesses as to the reason it didn't show up in the pre-0.8 branch?   I don't see any reason that the original transaction could be systematically rejected by one branch and not the other.  Even transactions that hadn't made it into blocks in the pre-0.7 branch should still be in the nodes' memory pools and double-spends rejected.

gmaxwell pointed out that this could happen if an attacker started by flooding the system with duplicate transactions hoping to create disagreement, but it sounds like macbook-air did not do that.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1288


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW

Ignore
March 12, 2013, 07:13:20 PM
 #11

A serious solution is simply for several major stakeholders to publish signed endorsements and/or kills to blocks. Users can subscribe to them, and if a supermajority agrees to kill a block, the merchant at the very least can be configured to stop and go into safe mode.

I have thought of this long ago, now others might take the idea seriously. It was aggressively rejected in the past under the pretense it was too "centralized".  I believe we need it to raise the bar on the risk of a 51% attack.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
elux
Legendary
*
Offline Offline

Activity: 1092



View Profile

Ignore
March 12, 2013, 07:16:18 PM
 #12

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.
Ouch...


And the other: http://blockchain.info/tx-index/59996016

The "unconfirmed" transaction was included in http://blockchain.info/block-index/357971, later orphaned.

Story seems to check out. How many confirmations did the first transaction get?
TheButterZone
Legendary
*
Offline Offline

Activity: 1022


Nemo me impune lacessit


View Profile WWW

Ignore
March 12, 2013, 07:18:04 PM
 #13

move topic> https://bitcointalk.org/index.php?board=85.0 ?

ΜΟΛΩΝ ΛΑΒΕ! I sell stuff for BTC here here and here | Flute & Violin For Sale | Voiceover for BTC | Copy editing for BTC
gpg_identity=http://pgp.thebutterzone.com | WoT feedback here & eBay feedback here | Buy BTC in San Diego, CA, or worldwide! | Get paid for taking surveys!
PayPal: Bitcoinese for "FU, I'm getting a chargeback up to 365 days later!" | Bitcoin voice chat | Utilities For Bitcoin Sellers | THE Bitcoin Sound is here.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 1442


View Profile

Ignore
March 12, 2013, 07:20:09 PM
 #14

gmaxwell pointed out that this could happen if an attacker started by flooding the system with duplicate transactions hoping to create disagreement, but it sounds like macbook-air did not do that.
One way would be for miners on the other fork to already have long mempool queues, and so the transaction was just waiting to get mined but they had it. The miners were restarted to switch from 0.8 to 0.7 and in doing so that instantly expires their mempools, and nothing will resync them. Once an entry is mempool expired then all it takes it the transaction managing to get relayed to one of them.
MrCrabs
Member
**
Offline Offline

Activity: 110



View Profile

Ignore
March 12, 2013, 07:21:24 PM
 #15

How serious is this please. Double spends  I thought were impossible . Huh
Melbustus
Legendary
*
Offline Offline

Activity: 1204



View Profile

Ignore
March 12, 2013, 07:26:35 PM
 #16

How serious is this please. Double spends  I thought were impossible . Huh

Was only an issue while there were two chains; ie, for a couple hours last night. The possibility was well-known, which is why it was recommended that merchants, exchanges, etc, stop taking payments/deposits until the issue was resolved, which it now is.

Bitcoin is the first monetary system to credibly offer perfect information to all economic participants.
1JNkCd7LwGGSzAAgkiLh1JDyjLQX8wmmEo  |  http://www.spotcoins.com/bitcoin/casascius
nevafuse
Sr. Member
****
Offline Offline

Activity: 248


View Profile

Ignore
March 12, 2013, 07:35:06 PM
 #17

Any guesses as to the reason it didn't show up in the pre-0.8 branch?   I don't see any reason that the original transaction could be systematically rejected by one branch and not the other.  Even transactions that hadn't made it into blocks in the pre-0.7 branch should still be in the nodes' memory pools and double-spends rejected.

Is this the only successful double spend from last night?  Maybe the difference will be easier to spot if there are others.  Sounds like there may be other fork issues besides the database problem.

The only reason to limit the block size is to subsidize non-Bitcoin currencies
Spekulatius
Legendary
*
Offline Offline

Activity: 1022



View Profile

Ignore
March 12, 2013, 07:35:34 PM
 #18

@ OP: Did you repay OK? Grin
Ivica
Full Member
***
Offline Offline

Activity: 217


Firstbits: 19e3fc


View Profile

Ignore
March 12, 2013, 07:37:14 PM
 #19

@ OP: Did you repay OK? Grin

Nope, until they repay 64.91410001 BTC.

19e3fcoLTu8YVFAU1NywJ88YnHH5kF8ScP - donations are welcome.
Nick
Jr. Member
*
Offline Offline

Activity: 54


View Profile

Ignore
March 12, 2013, 07:41:05 PM
 #20

A serious solution is simply for several major stakeholders to publish signed endorsements and/or kills to blocks. Users can subscribe to them, and if a supermajority agrees to kill a block, the merchant at the very least can be configured to stop and go into safe mode.

I have thought of this long ago, now others might take the idea seriously. It was aggressively rejected in the past under the pretense it was too "centralized".  I believe we need it to raise the bar on the risk of a 51% attack.


I have just read this on the reddit thread:

Quote from: Bitcoinin
Merchants like this probably need to build something into their systems to automatically go into a safe mode if a 2-3 block fork is detected.

This might be an equally effective but less centralized approach. What do you think?

Pages: [1] 2 3 4 5 6 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!