Stats on malled transactions

[Abdussamad]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

[il--ya]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

[nibyokwy]

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

yes, there are reports. foundation blog also reports issues:.

Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software.

[DeathAndTaxes]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

[TechieCFO]

someone has proven beyond a shadow of a doubt that bit coin is
capable of being manipulated.

someone would do that who has it in their interests to do that.
certainly many parties would fit that bill.

i agree with the writer who said now is not the time to point fingers.
Fix the present problem. No one will remember it in a month.

But the real problem is 20 million merchants just put Bitcoin on
the back burner for the next year. Not good for Bitcoin at all.

bad press == bad price. bad price == bad investment.

of course, a couple months ago, I suggested Bitcoin should build in the
exchange process into the wallets. Bitcoin touts its "decentralized" nature
but every exchange has an easy bulls-eye on its back for governments to
take aim at. In other words, since Bitcoin's exchanges are centralized,
so therefore is Bitcoin.

Just my two cents. Hope it helps. I would like to see Bitcoin thrive. It can become
the electric car of the monetary system,…. a valuable addition.

[Rampion]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

Define "screwed up". If your definition of "screwed up" includes a slowed down bitcoin economy because most (if not all) services are having problems with delayed transactions that are not credited to customer's accounts then YES, a single PC can "screw up" 25% of transactions and dramatically slow down the economy.

[oakpacific]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

[DeathAndTaxes]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

[oakpacific]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

I am not saying you have said anything wrong, I was referring to the panic. And I don't think such consequences can be considered "screwed up", as an end user I would probably not even notice anything other than a slow-up of the network if I don't pay attention.

[DeathAndTaxes]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

I am not saying you have said anything wrong, I was referring to the panic. And I don't think such consequences can be considered "screwed up", as an end user I would probably not even notice anything other than a slow-up of the network if I don't pay attention.

You wouldn't notice a transaction you made (or someone made to you) that never confirms due to no fault of your own.  By never, I mean never. Not in an hour, or a day, or a year.  
Most people would and they probably would consider that "screwed up".

[oakpacific]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

I am not saying you have said anything wrong, I was referring to the panic. And I don't think such consequences can be considered "screwed up", as an end user I would probably not even notice anything other than a slow-up of the network if I don't pay attention.

You wouldn't notice a transaction you made (or someone made to you) that never confirms due to no fault of your own.  By never, I mean never. Not in an hour, or a day, or a year.  
Most people would and they probably would consider that "screwed up".

Well, I don't know about you, but when I actually want to see if my tx gets confirmed, I always search for the address and check if there is a new transaction with the correct amount, coming from the right address, probably it's just me though...

I have no idea how do other clients track the txs, but I would be utterly surprised if there are still that many using Bitcoin-Qt.

[DeathAndTaxes]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

I am not saying you have said anything wrong, I was referring to the panic. And I don't think such consequences can be considered "screwed up", as an end user I would probably not even notice anything other than a slow-up of the network if I don't pay attention.

You wouldn't notice a transaction you made (or someone made to you) that never confirms due to no fault of your own.  By never, I mean never. Not in an hour, or a day, or a year. 
Most people would and they probably would consider that "screwed up".

Well, I don't know about you, but when I actually want to see if my tx gets confirmed, I always search for the address and check if there is a new transaction with the correct amount, probably it's just me though...

Once again you might want to read the link. I am not talking about it being confirmed under a new tx id.  I am talking about it NEVER confirming because it now has become invalid due to the inputs being invalid.

[oakpacific]

The number of "double spends" (most of which I believe is mutated transactions) for the last 24 hours:
2014-02-11 16960
(will edit OP to reflect this)

It is slightly lower than I anticipated, as it was already above 16k 9 hours before the CET day ended (24 hours). Maybe the attack subsided, or someone is having a break.

this is probably related to the current malleability attack on the bitcoin network (25% of transactions were affected today). it has nothing to do with your theft.

In addition to the above jgarzik is quoted on reddit to have said that one home PC could have done this. One home PC can screw up 25% of transactions!

Hold on. Are there actually any reports of something being screwed, apart from couple of exchanges who stopped withdrawals as a precaution measure?

It depends on what you mean by "screwed up".  The attacker can't change the inputs or outputs or fees, however they can change the tx hash of unconfirmed txs.  There were over 16,000 tx "mutated" in the last 24 hours.  I am sure they weren't all withdraws from exchanges. It would appear the attackers are simply mutating in mass all transactions they are able to and broadcasting the mutated version into the network.  If the mutated version of the tx is the one which gets confirmed it can have consequences for any user.

https://bitcointalk.org/index.php?topic=460944.0

So, don't deliver until the transaction to you is confirmed, is that....news?

Obviously you didn't read the post or link.  I said nothing about delivering goods before confirmed.

I am not saying you have said anything wrong, I was referring to the panic. And I don't think such consequences can be considered "screwed up", as an end user I would probably not even notice anything other than a slow-up of the network if I don't pay attention.

You wouldn't notice a transaction you made (or someone made to you) that never confirms due to no fault of your own.  By never, I mean never. Not in an hour, or a day, or a year.  
Most people would and they probably would consider that "screwed up".

Well, I don't know about you, but when I actually want to see if my tx gets confirmed, I always search for the address and check if there is a new transaction with the correct amount, probably it's just me though...

Once again you might want to read the link. I am not talking about it being confirmed under a new tx id.  I am talking about it NEVER confirming because it now has become invalid due to the inputs being invalid.

Well, you said the mutated one gets confirmed, can I find the one or not? Thanks.

EDIT: Okay, I read your OP, I was awfully unaware of the way the reference client works as I have never actually used it, thanks.

[DeathAndTaxes]

Well, you said the mutated one gets confirmed, can I find the one or not? Thanks.

https://bitcointalk.org/index.php?topic=460944.msg5089865#msg5089865

Please actually read the section labeled "Mutable Transaction ids break spending unconfirmed change".

To answer your question.  No.  You can "find it" but a tx created from an unconfirmed change output which is subsequently mutated will never confirm.

[oakpacific]

Well, you said the mutated one gets confirmed, can I find the one or not? Thanks.

https://bitcointalk.org/index.php?topic=460944.msg5089865#msg5089865

Please actually read the section labeled "Mutable Transaction ids break spending unconfirmed change".

To answer your question.  No.  You can "find it" but a tx created from an unconfirmed change output which is subsequently mutated will never confirm.

I corrected my post, how many clients you know share the same behaviour?

EDIT: I would suggest you somehow also post your OP in the tech discussion board btw.

[DeathAndTaxes]

I am fairly certain that all (or nearly all) clients allow spending unconfirmed change outputs.  Until the "mass mutation attack" it improved the user experience to have this option.  Without the ability to spend unconfirmed change outputs the user could potentially (depending on what other confirmed outputs are available) need to wait for confirmations between spends.  I can't see any wallet intentionally doing that.  Many some minor less tested wallet may have accidentally ended up with that behavior.

[oakpacific]

I am fairly certain that all (or nearly all) clients allow spending unconfirmed change outputs.  Until the "mass mutation attack" it improved the user experience to have this option.  Without the ability to spend unconfirmed change outputs the user could potentially (depending on what other confirmed outputs are available) need to wait for confirmations between spends.  I can't see any wallet intentionally doing that.  Many some minor less tested wallet may have accidentally ended up with that behavior.

AFAIK, Armory automatically send change to a new address, so at least it could have an option to disallow spending unconfirmed change outputs, unless there is nothing else spendable, should work in many cases.

Also, shouldn't the priority of spending be decided by the coin-age? As the fee rule discourages spending "hot" coins.

[leoragraves666]

someone has proven beyond a shadow of a doubt that bit coin is
capable of being manipulated.

someone would do that who has it in their interests to do that.
certainly many parties would fit that bill.

i agree with the writer who said now is not the time to point fingers.
Fix the present problem. No one will remember it in a month.

But the real problem is 20 million merchants just put Bitcoin on
the back burner for the next year. Not good for Bitcoin at all.

bad press == bad price. bad price == bad investment.

of course, a couple months ago, I suggested Bitcoin should build in the
exchange process into the wallets. Bitcoin touts its "decentralized" nature
but every exchange has an easy bulls-eye on its back for governments to
take aim at. In other words, since Bitcoin's exchanges are centralized,
so therefore is Bitcoin.

Just my two cents. Hope it helps. I would like to see Bitcoin thrive. It can become
the electric car of the monetary system,…. a valuable addition.

Manipulated? It can always be manipulated with enough money... Actually, for  a normal person/exchange this doesnt affect the btc, because we always waited for 3 or 6 confirms before delivering. It will clear up

[ZephramC]

Maybe this is too simple to be right, but...
Would not running rescan in bitcoin-QT from the time "some time before problematic unconfirmed-change-spending transaction" help?

[prezbo]

AFAIK, Armory automatically send change to a new address, so at least it could have an option to disallow spending unconfirmed change outputs, unless there is nothing else spendable, should work in many cases.

Also, shouldn't the priority of spending be decided by the coin-age? As the fee rule discourages spending "hot" coins.

I am certain it does, but since selection of what outputs are used for a new transaction is (mostly, unless you use coin control) out of your hands you can never be sure unconfirmed change has not been used.