Bitcoin Forum
November 16, 2024, 02:38:54 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Question about doublespend  (Read 191 times)
kzv (OP)
Legendary
*
Offline Offline

Activity: 1722
Merit: 1285

OpenTrade - Open Source Cryptocurrency Exchange


View Profile WWW
November 28, 2018, 10:18:16 AM
 #1

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

OpenTrade - Open Source Cryptocurrency Exchange
HeRetiK
Legendary
*
Offline Offline

Activity: 3122
Merit: 2177


Playgram - The Telegram Casino


View Profile
November 28, 2018, 10:37:16 AM
Merited by mocacinno (1), LoyceV (1)
 #2

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
kzv (OP)
Legendary
*
Offline Offline

Activity: 1722
Merit: 1285

OpenTrade - Open Source Cryptocurrency Exchange


View Profile WWW
November 28, 2018, 10:52:00 AM
 #3

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

OpenTrade - Open Source Cryptocurrency Exchange
HeRetiK
Legendary
*
Offline Offline

Activity: 3122
Merit: 2177


Playgram - The Telegram Casino


View Profile
November 28, 2018, 10:57:09 AM
Merited by LoyceV (1)
 #4

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

You're welcome. I did a little digging and if I'm not mistaken this was the commit that fixed it:

https://github.com/bitcoin/bitcoin/commit/4b8a3f5d235f40be8102506ab26caad005cc40d6

I'm not sure why they didn't remove the comment about skipping this check in CheckBlock() though.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!