Question about doublespend

[kzv]

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

[HeRetiK]

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

[kzv]

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

[HeRetiK]

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

You're welcome. I did a little digging and if I'm not mistaken this was the commit that fixed it:

https://github.com/bitcoin/bitcoin/commit/4b8a3f5d235f40be8102506ab26caad005cc40d6

I'm not sure why they didn't remove the comment about skipping this check in CheckBlock() though.