Bitcoin Forum
March 19, 2024, 02:14:37 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 »  All
  Print  
Author Topic: A successful DOUBLE SPEND US$10000 against OKPAY this morning.  (Read 123951 times)
macbook-air (OP)
Sr. Member
****
Offline Offline

Activity: 324
Merit: 260


View Profile WWW
March 12, 2013, 06:22:02 PM
Merited by xandry (10)
 #1

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.

1710814477
Hero Member
*
Offline Offline

Posts: 1710814477

View Profile Personal Message (Offline)

Ignore
1710814477
Reply with quote  #2

1710814477
Report to moderator
1710814477
Hero Member
*
Offline Offline

Posts: 1710814477

View Profile Personal Message (Offline)

Ignore
1710814477
Reply with quote  #2

1710814477
Report to moderator
1710814477
Hero Member
*
Offline Offline

Posts: 1710814477

View Profile Personal Message (Offline)

Ignore
1710814477
Reply with quote  #2

1710814477
Report to moderator
The network tries to produce one block per 10 minutes. It does this by automatically adjusting how difficult it is to produce blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
Jan
Legendary
*
Offline Offline

Activity: 1043
Merit: 1002



View Profile
March 12, 2013, 06:38:27 PM
 #2

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.
Ouch...

Mycelium let's you hold your private keys private.
bg002h
Donator
Legendary
*
Offline Offline

Activity: 1459
Merit: 1045


I outlived my lifetime membership:)


View Profile WWW
March 12, 2013, 06:38:59 PM
 #3

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.

Good thing someone honest was the cause of the double spend...

Hardforks aren't that hard. It’s getting others to use them that's hard.
1GCDzqmX2Cf513E8NeThNHxiYEivU1Chhe
Jan
Legendary
*
Offline Offline

Activity: 1043
Merit: 1002



View Profile
March 12, 2013, 06:42:19 PM
 #4

Here is the tx: http://blockchain.info/tx/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195

Mycelium let's you hold your private keys private.
Elwar
Legendary
*
Offline Offline

Activity: 3598
Merit: 2384


Viva Ut Vivas


View Profile WWW
March 12, 2013, 06:47:22 PM
 #5

Ugh...this is worse than we thought.

Is this the first double spend?

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
yokosan
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


View Profile
March 12, 2013, 06:51:50 PM
 #6

alir
Member
**
Offline Offline

Activity: 215
Merit: 11



View Profile
March 12, 2013, 06:52:54 PM
 #7

Guess they don't owe you anymore.
Largo
Member
**
Offline Offline

Activity: 112
Merit: 10



View Profile
March 12, 2013, 07:00:44 PM
 #8

Thats why merchants should have stopped accepting bitcoin deposits, at least those handing out some other form of cash instantly.

The problem was that 0.8 clients were thinking they are in the right fork (because that was actually the case before miners switched to 0.7) so it didnt stop the RPC interface like the 0.7 clients did.


Isokivi
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1000


Items flashing here available at btctrinkets.com


View Profile WWW
March 12, 2013, 07:01:52 PM
 #9

Heres a merchant giving 0-fucks about double spends, go for it. www.btctrinkets.com Every single payment goes trough a payment processor (mtgox) and I verify every single payment by hand.

Bitcoin trinkets now on my online store: btc trinkets.com <- Bitcoin Tiepins, cufflinks, lapel pins, keychains, card holders and challenge coins.
etotheipi
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
March 12, 2013, 07:04:49 PM
 #10

Any guesses as to the reason it didn't show up in the pre-0.8 branch?   I don't see any reason that the original transaction could be systematically rejected by one branch and not the other.  Even transactions that hadn't made it into blocks in the pre-0.7 branch should still be in the nodes' memory pools and double-spends rejected.

gmaxwell pointed out that this could happen if an attacker started by flooding the system with duplicate transactions hoping to create disagreement, but it sounds like macbook-air did not do that.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1135


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
March 12, 2013, 07:13:20 PM
 #11

A serious solution is simply for several major stakeholders to publish signed endorsements and/or kills to blocks. Users can subscribe to them, and if a supermajority agrees to kill a block, the merchant at the very least can be configured to stop and go into safe mode.

I have thought of this long ago, now others might take the idea seriously. It was aggressively rejected in the past under the pretense it was too "centralized".  I believe we need it to raise the bar on the risk of a 51% attack.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
elux
Legendary
*
Offline Offline

Activity: 1458
Merit: 1006



View Profile
March 12, 2013, 07:16:18 PM
 #12

All time UTC+08:00:

08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446

You should know what happens next...

I bet merchants would think twice before they decide to accept Bitcoins after the incident.
Ouch...


And the other: http://blockchain.info/tx-index/59996016

The "unconfirmed" transaction was included in http://blockchain.info/block-index/357971, later orphaned.

Story seems to check out. How many confirmations did the first transaction get?
TheButterZone
Legendary
*
Offline Offline

Activity: 3024
Merit: 1031


RIP Mommy


View Profile WWW
March 12, 2013, 07:18:04 PM
 #13

move topic> https://bitcointalk.org/index.php?board=85.0 ?

Saying that you don't trust someone because of their behavior is completely valid.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
March 12, 2013, 07:20:09 PM
 #14

gmaxwell pointed out that this could happen if an attacker started by flooding the system with duplicate transactions hoping to create disagreement, but it sounds like macbook-air did not do that.
One way would be for miners on the other fork to already have long mempool queues, and so the transaction was just waiting to get mined but they had it. The miners were restarted to switch from 0.8 to 0.7 and in doing so that instantly expires their mempools, and nothing will resync them. Once an entry is mempool expired then all it takes it the transaction managing to get relayed to one of them.
MrCrabs
Full Member
***
Offline Offline

Activity: 121
Merit: 100



View Profile
March 12, 2013, 07:21:24 PM
 #15

How serious is this please. Double spends  I thought were impossible . Huh
Melbustus
Legendary
*
Offline Offline

Activity: 1722
Merit: 1003



View Profile
March 12, 2013, 07:26:35 PM
 #16

How serious is this please. Double spends  I thought were impossible . Huh

Was only an issue while there were two chains; ie, for a couple hours last night. The possibility was well-known, which is why it was recommended that merchants, exchanges, etc, stop taking payments/deposits until the issue was resolved, which it now is.

Bitcoin is the first monetary system to credibly offer perfect information to all economic participants.
nevafuse
Sr. Member
****
Offline Offline

Activity: 247
Merit: 250


View Profile
March 12, 2013, 07:35:06 PM
 #17

Any guesses as to the reason it didn't show up in the pre-0.8 branch?   I don't see any reason that the original transaction could be systematically rejected by one branch and not the other.  Even transactions that hadn't made it into blocks in the pre-0.7 branch should still be in the nodes' memory pools and double-spends rejected.

Is this the only successful double spend from last night?  Maybe the difference will be easier to spot if there are others.  Sounds like there may be other fork issues besides the database problem.

The only reason to limit the block size is to subsidize non-Bitcoin currencies
Spekulatius
Legendary
*
Offline Offline

Activity: 1022
Merit: 1000



View Profile
March 12, 2013, 07:35:34 PM
 #18

@ OP: Did you repay OK? Grin
Ivica
Full Member
***
Offline Offline

Activity: 218
Merit: 100


Firstbits: 19e3fc


View Profile
March 12, 2013, 07:37:14 PM
 #19

@ OP: Did you repay OK? Grin

Nope, until they repay 64.91410001 BTC.

19e3fcoLTu8YVFAU1NywJ88YnHH5kF8ScP - donations are welcome.
Nick
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
March 12, 2013, 07:41:05 PM
 #20

A serious solution is simply for several major stakeholders to publish signed endorsements and/or kills to blocks. Users can subscribe to them, and if a supermajority agrees to kill a block, the merchant at the very least can be configured to stop and go into safe mode.

I have thought of this long ago, now others might take the idea seriously. It was aggressively rejected in the past under the pretense it was too "centralized".  I believe we need it to raise the bar on the risk of a 51% attack.


I have just read this on the reddit thread:

Quote from: Bitcoinin
Merchants like this probably need to build something into their systems to automatically go into a safe mode if a 2-3 block fork is detected.

This might be an equally effective but less centralized approach. What do you think?

Pages: [1] 2 3 4 5 6 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!