un_ordinateur
|
|
February 12, 2014, 09:20:43 PM |
|
Why not sign the entire transaction including the TXID?
Any random one? Even with thousands of inputs an attacker wouldn't be able to sign a mutated ID with any of the inputs. Looking around I actually get the feeling that one of the reasons why this minor issue was left on the shelf was because there's so many different people with so many possible different solutions. Adding any new requirement would "break" the protocol. Changing the behavior of signature production/requiring a new field in the transaction indicating which input signed the txid, would make all old wallet/miners/clients/exchange software unoperative. It would require forking the chain, because the blockchain does not actually contain that info. (I guess though the whole transaction signature might be dropped when the transaction is included in the chain; but then it would be only an "voluntary" rule enforced by miner to NOT include a mutated transaction by a third party.) Anyway, such "breaking" behavior is generally undesirable. The devs were trying to come up with a unique "canonical" way to construct a transaction such as there is only ONE way to make a given transaction, so that the resulting txid is unique too. A pool recieving a non-canonical transaction would mutate it before inclusion. Software requiring specific txid would make sure of producing a canonical transaction. That way we would introduce a new desirable behavior, without breaking anything. Looking around I actually get the feeling that one of the reasons why this minor issue was left on the shelf was because there's so many different people with so many possible different solutions.
In fact I feel it is EXACTLY that. That, and that, any change cannot be made overnight. And requires a few month of developpement/testing/deployment before thinking of enforcing it. -> A very complicated process for a "non-bug", if people had read the specs and had not assumed txid were non-mutable. (un)fortunately, the current crisis provides an opportunity to act much more quickly, because we already -do- have broken behavior, it can't get much worse. It can now be "spun" as a critical update that anybody must implement to continue to be able to use bitcoin.
|
|
|
|
hgmichna
|
|
February 13, 2014, 08:41:16 AM |
|
Adding any new requirement would "break" the protocol. Changing the behavior of signature production/requiring a new field in the transaction indicating which input signed the txid, would make all old wallet/miners/clients/exchange software unoperative.
It would require forking the chain, because the blockchain does not actually contain that info. (I guess though the whole transaction signature might be dropped when the transaction is included in the chain; but then it would be only an "voluntary" rule enforced by miner to NOT include a mutated transaction by a third party.)
Anyway, such "breaking" behavior is generally undesirable.[…] There is always the possibility to create an alternative format and make it mandatory, starting with block 12345 some time in the future. Obviously the clients would have to be able to process both the old format (before block 12345) and the new (block 12345 and beyond). It is a fork, but it could be pre-announced well in time, if a large majority of miners agree. Fundamentally, if the bitcoin algorithm could not be repaired and improved, it would die an early death.
|
|
|
|
un_ordinateur
|
|
February 13, 2014, 03:50:17 PM |
|
Adding any new requirement would "break" the protocol. Changing the behavior of signature production/requiring a new field in the transaction indicating which input signed the txid, would make all old wallet/miners/clients/exchange software unoperative.
It would require forking the chain, because the blockchain does not actually contain that info. (I guess though the whole transaction signature might be dropped when the transaction is included in the chain; but then it would be only an "voluntary" rule enforced by miner to NOT include a mutated transaction by a third party.)
Anyway, such "breaking" behavior is generally undesirable.[…] There is always the possibility to create an alternative format and make it mandatory, starting with block 12345 some time in the future. Obviously the clients would have to be able to process both the old format (before block 12345) and the new (block 12345 and beyond). It is a fork, but it could be pre-announced well in time, if a large majority of miners agree. Of course! Bitcoin has already done that a few time. But even if the change makes total sense, and all miners agree to it, it is still something the devs try to avoid as much as possible. Because it renders all unupdated clients non-functionnal. One could say "they just had to update", but sometimes it is not easy. For example, I remember seeing a pool table which could accept bitoin payments to release the balls. It is embedded electronics. Updating that is not easy. In any case, it is bad PR to have some people's software break because of an update, even it is their own fault. Thus the devs usually try to bunch such "breaking" changes in a single update to minimize the need for such updates, and only do it when a compelling problem requires it. The mutability problem had not been compelling enough before, but it is now.
|
|
|
|
hgmichna
|
|
February 13, 2014, 05:50:06 PM |
|
The mutability problem had not been compelling enough before, but it is now.
I wonder. The question is whether it is possible to calculate something from the signed content that can serve as a new kind of transaction ID. If so, then the clients could be fixed just by following advice and changing only very little code, without having to change the basic bitcoin algorithm at all.
|
|
|
|
taltamir
|
|
February 13, 2014, 05:57:28 PM |
|
So, to sum it up 1. DDOS attack exploits bugs in exchange's custom software 2. Bitcoin already has a fix which will be rolled out soon which will save exchanges from their own shoddy coding 3. Bitcoin price dropped 40% due to panic 4. Bitcoin price will go back to normal once this is fixed in a few days 5. Because exchanges all suspended transactions I can't actually buy bitcoins at this massively reduced price
|
|
|
|
ineededausername
|
|
February 13, 2014, 05:59:16 PM |
|
5. Because exchanges all suspended transactions I can't actually buy bitcoins at this massively reduced price uh, you could just buy bitcoins and wait...
|
(BFL)^2 < 0
|
|
|
taltamir
|
|
February 13, 2014, 06:02:18 PM |
|
5. Because exchanges all suspended transactions I can't actually buy bitcoins at this massively reduced price uh, you could just buy bitcoins and wait... where can I buy bitcoins if the exchanges are down?
|
|
|
|
Mowcore (OP)
|
|
February 13, 2014, 06:23:59 PM |
|
5. Because exchanges all suspended transactions I can't actually buy bitcoins at this massively reduced price uh, you could just buy bitcoins and wait... where can I buy bitcoins if the exchanges are down? You can still buy your BTC with ya filthy paper, you just can't withdraw your BTC from a few exchanges at the moment. This will be sorted in the coming days.
|
✰Humble Weekly Bundle.✰Pay What You Want. Redeem on Steam. Support charity. Pay with BTCitcoin now!✰--> Paypal
|
|
|
freebit13
|
|
February 13, 2014, 06:26:12 PM |
|
Did MK read this update by GA or is he still going around spreading lies or is the media just regurgitating old news? http://www.forbes.com/sites/leoking/2014/02/13/mt-gox-ceo-mark-karpeles-responds-to-widespread-bitcoin-criticism/Mark Karpeles: First, you need to understand that the Bitcoin implementation we use in MtGox was created back in 2011. The bitcoin client is not meant to handle the kind of load MtGox has and was having more and more troubles, lagging and crashing. We created our own implementation to solve those issues and to offer a better flexibility to our customers.
Over time Bitcoin changed and started implementing changes that would require people using previous versions of the software to upgrade. While we followed most of those updates we were more and more busy and couldn’t keep up with all the changes.
So it sounds to me like they put their customers flexibility (read: MtGox's bottom line) above the security and suitability of their software implementation and now try to blame the protocol for changing too quickly when transaction malleability was known about in the same year as the creation of their client.... in 2011! How can you respond to criticism about lying by repeating the same lie... does he think we're all idiots?
|
Decentralize EVERYTHING!
|
|
|
taltamir
|
|
February 13, 2014, 06:41:34 PM |
|
Say, since supposedly the issue is with the exchange's implementation of their wallets and not with the protocol itself... is there any exchange not affected by this current issue? You can still buy your BTC with ya filthy paper, you just can't withdraw your BTC from a few exchanges at the moment. This will be sorted in the coming days.
Oh, I see now. Well I better buy some BTC then.
|
|
|
|
leopard2
Legendary
Offline
Activity: 1372
Merit: 1014
|
|
February 13, 2014, 07:00:06 PM |
|
Looks like the attackers turned to Bitstamp once Gox suspended withdrawals? Either way it is not really a bug; just a vulnerability from what I gather Pretty much as if someone could change the comment field in a wire transfer: the wire would still arrive but it would cause confusion because the receiver could not easily assign the payment. If such a vulnerability is exploited by an attacker, could cause considerable damage to the entire ecosystem. I wonder if this was done maliciously to get cheap BTC? On a bigger scale than just asking for double-withdrawals? A lot of big money is looking to get into crypto at the moment; it makes a big difference whether they enter at 600 or 900 ...
|
Truth is the new hatespeech.
|
|
|
FandangledGizmo
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
February 13, 2014, 09:09:49 PM |
|
Did MK read this update by GA or is he still going around spreading lies or is the media just regurgitating old news? http://www.forbes.com/sites/leoking/2014/02/13/mt-gox-ceo-mark-karpeles-responds-to-widespread-bitcoin-criticism/Mark Karpeles: First, you need to understand that the Bitcoin implementation we use in MtGox was created back in 2011. The bitcoin client is not meant to handle the kind of load MtGox has and was having more and more troubles, lagging and crashing. We created our own implementation to solve those issues and to offer a better flexibility to our customers.
Over time Bitcoin changed and started implementing changes that would require people using previous versions of the software to upgrade. While we followed most of those updates we were more and more busy and couldn’t keep up with all the changes.
So it sounds to me like they put their customers flexibility (read: MtGox's bottom line) above the security and suitability of their software implementation and now try to blame the protocol for changing too quickly when transaction malleability was known about in the same year as the creation of their client.... in 2011! How can you respond to criticism about lying by repeating the same lie... does he think we're all idiots? This MTGOX Ceo is something else, from the same article - Note that our announce[ment], while unfortunately upsetting a lot of people, allowed other exchanges to be much more cautious when faced with failing transactions, and most likely helped a lot of people understanding and dealing with the problem. Like they couldn't privately contact the other exchanges instead of releasing a statement purely designed to cause panic and give a nefarious entity (Maybe even GOX themselves) an attack vector to damage the Bitcoin network for a few days.
|
|
|
|
freebit13
|
|
February 13, 2014, 09:16:19 PM |
|
Did MK read this update by GA or is he still going around spreading lies or is the media just regurgitating old news? http://www.forbes.com/sites/leoking/2014/02/13/mt-gox-ceo-mark-karpeles-responds-to-widespread-bitcoin-criticism/Mark Karpeles: First, you need to understand that the Bitcoin implementation we use in MtGox was created back in 2011. The bitcoin client is not meant to handle the kind of load MtGox has and was having more and more troubles, lagging and crashing. We created our own implementation to solve those issues and to offer a better flexibility to our customers.
Over time Bitcoin changed and started implementing changes that would require people using previous versions of the software to upgrade. While we followed most of those updates we were more and more busy and couldn’t keep up with all the changes.
So it sounds to me like they put their customers flexibility (read: MtGox's bottom line) above the security and suitability of their software implementation and now try to blame the protocol for changing too quickly when transaction malleability was known about in the same year as the creation of their client.... in 2011! How can you respond to criticism about lying by repeating the same lie... does he think we're all idiots? This MTGOX Ceo is something else, from the same article - Note that our announce[ment], while unfortunately upsetting a lot of people, allowed other exchanges to be much more cautious when faced with failing transactions, and most likely helped a lot of people understanding and dealing with the problem. Like they couldn't privately contact the other exchanges instead of releasing a statement purely designed to cause panic and give a nefarious entity (Maybe even GOX themselves) an attack vector to damage the Bitcoin network for a few days. Yeah, was going to mention that too: "We programmed crappy code, but identifying a bug we built in that crappy code helped others find the same bug in their crappy code and also helped others with proper code identify why our crappy code was causing problems on their systems... aren't we great (pats himself on the back)"... WOW!
|
Decentralize EVERYTHING!
|
|
|
whtchocla7e
Full Member
Offline
Activity: 392
Merit: 116
Worlds Simplest Cryptocurrency Wallet
|
|
February 13, 2014, 09:23:28 PM |
|
If Bitcoin is not at fault, why are the Bitcoin developers working hard to fix the issue now... Yeah...
|
▂▂▂▂▂▂▂▂▂▂▂▂▂▃▅▆█ L E A D █▆▅▃▂▂▂▂▂▂▂▂▂▂▂▂ World's Simplest and Safest Decentralized Cryptocurrency Wallet! ▬▬▬▬▬▬▬ • STORE • SEND • SPEND • SWAP • STAKE • ▬▬▬▬▬▬
|
|
|
WuttWutt
Newbie
Offline
Activity: 28
Merit: 0
|
|
February 13, 2014, 09:26:30 PM |
|
Gavin's comment is full of shit then, wow.
Satoshi must feel shit seeing Gavin mess up big time over and over again, this time majorly.
|
|
|
|
darkmule
Legendary
Offline
Activity: 1176
Merit: 1005
|
|
February 14, 2014, 04:04:01 AM |
|
If Bitcoin is not at fault, why are the Bitcoin developers working hard to fix the issue now... Yeah... Obviously, because it is now a public relations issue. So more compelling technical issues are being shunted aside to deal with this comparatively trivial issue because of Gox's actions. Only because of Gox's fuckup and subsequent FUD has this difficult to fix but comparatively minor flaw suddenly become a priority, basically for PR reasons.
|
|
|
|
taltamir
|
|
February 14, 2014, 05:44:15 PM |
|
If Bitcoin is not at fault, why are the Bitcoin developers working hard to fix the issue now... Yeah... Because the value of their assets dropped 50% and will continue to drop unless the problem is fixed. And they worry that mtgox is too incompetent to fix it themselves
|
|
|
|
darkmule
Legendary
Offline
Activity: 1176
Merit: 1005
|
|
February 15, 2014, 12:04:43 AM |
|
If Bitcoin is not at fault, why are the Bitcoin developers working hard to fix the issue now... Yeah... Because the value of their assets dropped 50% and will continue to drop unless the problem is fixed. And they worry that mtgox is too incompetent to fix it themselves The price has already stabilized, so far as I can tell.
|
|
|
|
hgmichna
|
|
February 15, 2014, 06:42:40 AM |
|
The price has already stabilized, so far as I can tell.
Yes, but at what price? The Mt. Gox dollar price is only about 60% of the Bitstamp price. Does this mean that many Gox customers believe the price will fall that far on the other exchanges before Gox gets their bitcoin transmission going again? Or does it mean that they believe their dollars are safer on Gox than their bitcoins? Or what? I find it difficult to explain the price difference.
|
|
|
|
erik777
Sr. Member
Offline
Activity: 504
Merit: 250
Earn with impressio.io
|
|
February 15, 2014, 06:49:13 AM |
|
The price has already stabilized, so far as I can tell.
Yes, but at what price? The Mt. Gox dollar price is only about 60% of the Bitstamp price. Does this mean that many Gox customers believe the price will fall that far on the other exchanges before Gox gets their bitcoin transmission going again? Or does it mean that they believe their dollars are safer on Gox than their bitcoins? Or what? I find it difficult to explain the price difference. I shared the situation with someone who held a cash balance in MtGox per my introduction to bitcoins awhile back, and he chose to buy bitcoins now. He did the math and realized that in the end, a bitcoin is a bitcoin, whether you paid $400 or $700. Plus, only hope he has of getting his money out is via BTC withdrawal anyway. Even before this their international wires were backed up over 4 weeks.
|
|
|
|
|