Bitcoin Forum
January 16, 2019, 01:29:31 PM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Maleability testing?  (Read 958 times)
s2
Full Member
***
Offline Offline

Activity: 173
Merit: 104


View Profile
August 08, 2017, 02:01:29 PM
 #1

Does anyone have any scripts or suggestions on how to test malleability issues in my wallet?

I.e. how do people make sure they handle this correctly?
1547645371
Hero Member
*
Offline Offline

Posts: 1547645371

View Profile Personal Message (Offline)

Ignore
1547645371
Reply with quote  #2

1547645371
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1547645371
Hero Member
*
Offline Offline

Posts: 1547645371

View Profile Personal Message (Offline)

Ignore
1547645371
Reply with quote  #2

1547645371
Report to moderator
amaclin1
Full Member
***
Offline Offline

Activity: 532
Merit: 226


View Profile
August 08, 2017, 09:13:02 PM
 #2

how do people make sure they handle this correctly?
... reading and understanding the program code? Grin
s2
Full Member
***
Offline Offline

Activity: 173
Merit: 104


View Profile
August 09, 2017, 07:39:54 AM
 #3

Thanks but I'm interested in knowing what sort of malleability attacks are easy to do that I can test with?

Seems difficult to protect against it without usecases I could try on testnet.
Jolyquinzel
Jr. Member
*
Offline Offline

Activity: 58
Merit: 10


View Profile
August 12, 2017, 07:01:29 PM
 #4

how do people make sure they handle this correctly?
... reading and understanding the program code? Grin

genius
aaand what if u dont understand any in code?
amaclin1
Full Member
***
Offline Offline

Activity: 532
Merit: 226


View Profile
August 14, 2017, 05:40:23 AM
 #5

how do people make sure they handle this correctly?
... reading and understanding the program code? Grin

genius
aaand what if u dont understand any in code?
you will not understand testing results either  Tongue
s2
Full Member
***
Offline Offline

Activity: 173
Merit: 104


View Profile
August 14, 2017, 01:44:55 PM
 #6

Anyone actually know how to do this?

This seems like a good read but no obvious script examples.
https://bitcointalk.org/index.php?topic=8392.msg122410#msg122410
amaclin1
Full Member
***
Offline Offline

Activity: 532
Merit: 226


View Profile
August 14, 2017, 02:29:56 PM
 #7

Anyone actually know how to do this?
How to do what?
Test your sources for finding malleability issues?
Ready to pay? I am a great pretender expert in malleability Smiley
s2
Full Member
***
Offline Offline

Activity: 173
Merit: 104


View Profile
August 29, 2017, 09:27:18 AM
 #8

 Wink Thanks amaclin1.

I'm looking for steps to do a malleability test.  E.g. a python script or steps to issue a double spend using a malleability issue.

The only malleability attack I knew of before was the high/low S value, I'm certain there are others but not sure what they are or where to find them.

Guess what would be awesome is something that can run on testnet which issued two tx's for transferring funds from A->B but had two different txids...


come to mention it, perhaps that's all that is required?  I could just sign two identical transactions and issue them at the same time?
amaclin1
Full Member
***
Offline Offline

Activity: 532
Merit: 226


View Profile
August 29, 2017, 10:18:14 AM
 #9

come to mention it, perhaps that's all that is required? 
I could just sign two identical transactions and issue them at the same time?
This case is not a "true" malleability.
You always can create two transactions spending funds to two different destinations.
And only one will be confirmed.
Usually we care about Man-in-the-Middle. He should not do anything with your data.

There were several sources of malleability for standard (this is important!) bitcoin scripts.
The last was fixed with segwit transactions
tomtomtom7
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
August 29, 2017, 12:56:24 PM
 #10

You could look at the malleability integration test in the Core repo:

https://github.com/bitcoin/bitcoin/blob/master/test/functional/txn_clone.py

Pages: [1]
  Print  
 
Jump to:  

Bitcointalk.org is not available or authorized for sale. Do not believe any fake listings.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!