Bitcoin Forum
May 24, 2019, 10:43:23 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Question about doublespend  (Read 87 times)
kzv
Hero Member
*****
Offline Offline

Activity: 1246
Merit: 689


View Profile WWW
November 28, 2018, 10:18:16 AM
 #1

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

Open source crypto exchange https://trade.multicoins.org
Donate Marycoin project development: MS12okFu6D3FzBi2fTsmGEa6iQV9h31txe
In order to achieve higher forum ranks, you need both activity points and merit points.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558694603
Hero Member
*
Offline Offline

Posts: 1558694603

View Profile Personal Message (Offline)

Ignore
1558694603
Reply with quote  #2

1558694603
Report to moderator
1558694603
Hero Member
*
Offline Offline

Posts: 1558694603

View Profile Personal Message (Offline)

Ignore
1558694603
Reply with quote  #2

1558694603
Report to moderator
1558694603
Hero Member
*
Offline Offline

Posts: 1558694603

View Profile Personal Message (Offline)

Ignore
1558694603
Reply with quote  #2

1558694603
Report to moderator
HeRetiK
Legendary
*
Offline Offline

Activity: 1120
Merit: 1049


the forkings will continue until morale improves


View Profile
November 28, 2018, 10:37:16 AM
Merited by mocacinno (1), LoyceV (1)
 #2

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

kzv
Hero Member
*****
Offline Offline

Activity: 1246
Merit: 689


View Profile WWW
November 28, 2018, 10:52:00 AM
 #3

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

Open source crypto exchange https://trade.multicoins.org
Donate Marycoin project development: MS12okFu6D3FzBi2fTsmGEa6iQV9h31txe
HeRetiK
Legendary
*
Offline Offline

Activity: 1120
Merit: 1049


the forkings will continue until morale improves


View Profile
November 28, 2018, 10:57:09 AM
Merited by LoyceV (1)
 #4

Hi

I have look at this code https://github.com/bitcoin/bitcoin/blob/master/src/consensus/tx_verify.cpp#L183
So my question: if bad miner will include into his block a transaction with duplicate inputs then bitcoin nodes will not check this and the block will valid?

No. A block that includes a double-spend is invalid and as such will be discarded by the other nodes. (both mining and non-mining nodes)

Edit: If I recall correctly a misusage of this function is what caused vulnerability CVE-2018–17144, which would have potentially allowed for double-spend attacks the way you described.

Thank you.

You're welcome. I did a little digging and if I'm not mistaken this was the commit that fixed it:

https://github.com/bitcoin/bitcoin/commit/4b8a3f5d235f40be8102506ab26caad005cc40d6

I'm not sure why they didn't remove the comment about skipping this check in CheckBlock() though.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!