What is Transaction malleability? How often will it happen?

[Julian ogan]

I was reading and just came across transaction malleability attack. I read multiple links that i got but, there are lot more questions in my mind.

My queries:

• Is double spent same thing or is different? How are they same or how are they differentiated?
• How often such a thing will occur?
• Is it fixed?
• Can a miner with 51% mining power can do this? As he/she with 51% power can do 51% attack

Can someone please explain this attack in lye-man language? 

[NeuroticFish]

I was reading and just came across transaction malleability attack. I read multiple links that i got but, there are lot more questions in my mind.

Did you find / read this article? https://www.coindesk.com/bitcoin-bug-guide-transaction-malleability
It seems to answers to basically all your questions in a pretty simple language.

[ABCbits]

• Is double spent same thing or is different? How are they same or how are they differentiated?

It's different, the main difference is

• double-spend transaction have different output
• malleability transaction only have different transaction hash (input/output exactly same)

• How often such a thing will occur?

That depends whether someone decide to abuse Transaction malleability

• Is it fixed?

Yes, if you use SegWit address.

• Can a miner with 51% mining power can do this? As he/she with 51% power can do 51% attack

Yes, but you don't need any mining power to do it. All you need to are change transaction/signature format of an transaction and broadcast it.

[Julian ogan]

• Is double spent same thing or is different? How are they same or how are they differentiated?

It's different, the main difference is

• double-spend transaction have different output
• malleability transaction only have different transaction hash (input/output exactly same)

• How often such a thing will occur?

That depends whether someone decide to abuse Transaction malleability

• Is it fixed?

Yes, if you use SegWit address.

• Can a miner with 51% mining power can do this? As he/she with 51% power can do 51% attack

Yes, but you don't need any mining power to do it. All you need to are change transaction/signature format of an transaction and broadcast it.

Can you please recommend any article or book to read this topic in depth.

[pooya87]

Can someone please explain this attack in lye-man language? 

it means you change something inside of any transaction you receive so that the final transaction hash changes but the transaction doesn't become invalid. so anybody could do that, you won't even need to run a node! you just have to listen to a node and receive/relay transactions.

for example changing signature was a way to malleate a transaction. one way is to inject ignore-able OP codes like OP_0 in it, another was to change S value to -S since on an elliptic curve (x,y) is congruence to (x,-y). both of these change the transaction hash (TX_ID) but won't make the transaction invalid.