transaction malleability workaround, end the current crisis

darsie (OP)

Newbie

Offline

Activity: 21
Merit: 0

transaction malleability workaround, end the current crisis

February 13, 2014, 03:40:24 AM
Last edit: February 13, 2014, 03:53:30 AM by darsie

Hey!

If I understood it right, the exchanges halted withdrawals because scammers modified transactions so the exchange wouldn't recognise them on the block chain and resend them, paying the scammer twice.

Instead of halting all withdrawals, exchanges could, IMHO, just stop resending withdrawals if they seem missing.

Only resend if you have a method of correctly determining that a tx really failed. I guess that might be done via the tx signature(s), as these can't be modified by a scammer without making the tx invalid.

If an exchange creates only proper tx there should be no failed tx and all should be fine. If there are bugs and tx do fail, these tx might be resolved manually, or accumulate, until they are eventually processed somehow. But some stuck tx are still way better, IMO than all withdrawals halted.

So, just stop resending appearently failed tx (if that is not safe) and resume withdrawals.

Bernhard

1714224539

Hero Member

Offline

Posts: 1714224539

Ignore

1714224539

1714224539


	Report to moderator

1714224539

Hero Member

Offline

Posts: 1714224539

Ignore

1714224539


	Report to moderator

1714224539

Hero Member

Offline

Posts: 1714224539

Ignore

1714224539


	Report to moderator

In order to get the maximum amount of activity points possible, you just need to post once per day on average. Skipping days is OK as long as you maintain the average.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

DeathAndTaxes

Donator
Legendary

Offline

Activity: 1218
Merit: 1079

Gerald Davis

Re: transaction malleability workaround

February 13, 2014, 03:48:28 AM

Only MtGox apparently double paid scammers.

Other exchanges shut down for a related but different reason. Someone on the network has been duplicating all transactions, not just theirs to get double payment. This wreaks havoc on the withdraw system of SOME exchanges due to it breaking the change output and causing subsequent transactions to fail. A few failures can be manually resolved but it was occuring is such high volume to essentially be a DDOS. The fix for that is a patched version of clients which doesn't spend unconfirmed change.

Of course some exchanges/brokers never shut down not even for a minute because their backends would sophisticated enough to handle the duplicates without issue.

So it is important to not lump all service providers together in the same category.

coastermonger

Sr. Member

Offline

Activity: 367
Merit: 250

Find me at Bitrated

Re: transaction malleability workaround, end the current crisis

February 13, 2014, 04:07:02 AM

1.) When a customer withdraws bitcoin from your service, include an extra output in the transaction to spend a portion of your own BTC back to a new address you control.
2.) Track the presence of that output at your new address. (Through a callback for instance)
3.) Did the bitcoin arrive?

If yes, then congratulations, you can be sure that the funds involved were delivered
If no, then neither your funds or the customers withdrawal were successfully sent out to begin with.

If for whatever reason an attacker tried to manually spend or fake-double spend bitcoin back to your new address as a "trick," all they've accomplished is an action that forces your system to mark their withdrawal as successful.

Bitrated user: Rees.

Pages: [1]

Bitcoin Forum > Bitcoin > Bitcoin Discussion > transaction malleability workaround, end the current crisis

« previous topic next topic »