Bitcoin Forum
April 24, 2014, 05:50:38 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Strange block 74638  (Read 11134 times)
jgarzik
Staff
Hero Member
*****
Offline Offline

Activity: 1260


View Profile

Ignore
August 15, 2010, 06:08:49 PM
 #1


The "value out" in this block #74638 is quite strange:

Code:
{
    "hash" : "0000000000790ab3f22ec756ad43b6ab569abf0bddeb97c67a6f7b1470a7ec1c",
    "ver" : 1,
    "prev_block" : "0000000000606865e679308edf079991764d88e8122ca9250aef5386962b6e84",
    "mrkl_root" : "618eba14419e13c8d08d38c346da7cd1c7c66fd8831421056ae56d8d80b6ec5e",
    "time" : 1281891957,
    "bits" : 469794830,
    "nonce" : 28192719,
    "n_tx" : 2,
    "tx" : [
        {
            "hash" : "012cd8f8910355da9dd214627a31acfeb61ac66e13560255bfd87d3e9c50e1ca",
            "ver" : 1,
            "vin_sz" : 1,
            "vout_sz" : 1,
            "lock_time" : 0,
            "in" : [
                {
                    "prev_out" : {
                        "hash" : "0000000000000000000000000000000000000000000000000000000000000000",
                        "n" : 4294967295
                    },
                    "coinbase" : "040e80001c028f00"
                }
            ],
            "out" : [
                {
                    "value" : 50.51000000,
                    "scriptPubKey" : "0x4F4BA55D1580F8C3A8A2C78E8B7963837C7EA2BD8654B9D96C51994E6FCF6E65E1CF9A844B044EEA125F26C26DBB1B207E4C3F2A098989DA9BA5BA455E830F7504 OP_CHECKSIG"
                }
            ]
        },
        {
            "hash" : "1d5e512a9723cbef373b970eb52f1e9598ad67e7408077a82fdac194b65333c9",
            "ver" : 1,
            "vin_sz" : 1,
            "vout_sz" : 2,
            "lock_time" : 0,
            "in" : [
                {
                    "prev_out" : {
                        "hash" : "237fe8348fc77ace11049931058abb034c99698c7fe99b1cc022b1365a705d39",
                        "n" : 0
                    },
                    "scriptSig" : "0xA87C02384E1F184B79C6ACF070BEA45D5B6A4739DBFF776A5D8CE11B23532DD05A20029387F6E4E77360692BB624EEC1664A21A42AA8FC16AEB9BD807A4698D0CA8CDB0021024530 0x965D33950A28B84C9C19AB64BAE9410875C537F0EB29D1D21A60DA7BAD2706FBADA7DF5E84F645063715B7D0472ABB9EBFDE5CE7D9A74C7F207929EDAE975D6B04"
                }
            ],
            "out" : [
                {
                    "value" : 92233720368.54277039,
                    "scriptPubKey" : "OP_DUP OP_HASH160 0xB7A73EB128D7EA3D388DB12418302A1CBAD5E890 OP_EQUALVERIFY OP_CHECKSIG"
                },
                {
                    "value" : 92233720368.54277039,
                    "scriptPubKey" : "OP_DUP OP_HASH160 0x151275508C66F89DEC2C5F43B6F9CBE0B5C4722C OP_EQUALVERIFY OP_CHECKSIG"
                }
            ]
        }
    ],
    "mrkl_tree" : [
        "012cd8f8910355da9dd214627a31acfeb61ac66e13560255bfd87d3e9c50e1ca",
        "1d5e512a9723cbef373b970eb52f1e9598ad67e7408077a82fdac194b65333c9",
        "618eba14419e13c8d08d38c346da7cd1c7c66fd8831421056ae56d8d80b6ec5e"
    ]
}

92233720368.54277039 BTC?  Is that UINT64_MAX, I wonder?

Jeff Garzik, bitcoin core dev team and BitPay engineer; opinions are my own, not my employer.
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
1398318638
Hero Member
*
Offline Offline

Posts: 1398318638

View Profile Personal Message (Offline)

Ignore
1398318638
Reply with quote  #2

1398318638
Report to moderator
lachesis
Full Member
***
Offline Offline

Activity: 210


View Profile

Ignore
August 15, 2010, 06:17:35 PM
 #2

The "value out" in this block #74638 is quite strange:
That is strange. What does the TxIn look like?

92233720368.54277039 BTC?  Is that UINT64_MAX, I wonder?
It's 2^63/10^8, so it looks like it's INT64_MAX, not UINT64_MAX

Bitcoin Calculator | Scallion | GPG Key | WoT Rating | 1AFTbit16o6FNg2msnAbXVR2G3EVTWefmc
Vanity .onion address service - <8 character addresses free!
theymos
Administrator
Hero Member
*
Offline Offline

Activity: 1540


View Profile
August 15, 2010, 06:28:56 PM
 #3

This could be a serious problem. Bitcoin's printblock also shows it:

Code:
CBlock(hash=0000000000790ab3, ver=1, hashPrevBlock=0000000000606865, hashMerkleR
oot=618eba, nTime=1281891957, nBits=1c00800e, nNonce=28192719, vtx=2)
  CTransaction(hash=012cd8, ver=1, vin.size=1, vout.size=1, nLockTime=0)
    CTxIn(COutPoint(000000, -1), coinbase 040e80001c028f00)
    CTxOut(nValue=50.51000000, scriptPubKey=0x4F4BA55D1580F8C3A8A2C7)
  CTransaction(hash=1d5e51, ver=1, vin.size=1, vout.size=2, nLockTime=0)
    CTxIn(COutPoint(237fe8, 0), scriptSig=0xA87C02384E1F184B79C6AC)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0xB7A7)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0x1512)
  vMerkleTree: 012cd8 1d5e51 618eba

lfm
Full Member
***
Offline Offline

Activity: 196



View Profile

Ignore
August 15, 2010, 06:55:34 PM
 #4

This could be a serious problem. Bitcoin's printblock also shows it:

Code:
CBlock(hash=0000000000790ab3, ver=1, hashPrevBlock=0000000000606865, hashMerkleR
oot=618eba, nTime=1281891957, nBits=1c00800e, nNonce=28192719, vtx=2)
  CTransaction(hash=012cd8, ver=1, vin.size=1, vout.size=1, nLockTime=0)
    CTxIn(COutPoint(000000, -1), coinbase 040e80001c028f00)
    CTxOut(nValue=50.51000000, scriptPubKey=0x4F4BA55D1580F8C3A8A2C7)
  CTransaction(hash=1d5e51, ver=1, vin.size=1, vout.size=2, nLockTime=0)
    CTxIn(COutPoint(237fe8, 0), scriptSig=0xA87C02384E1F184B79C6AC)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0xB7A7)
    CTxOut(nValue=92233720368.54275808, scriptPubKey=OP_DUP OP_HASH160 0x1512)
  vMerkleTree: 012cd8 1d5e51 618eba


The sum of the two outputs overflows to a negative. Its a bug in the transaction checks which did not reject it, then someone noticed and exploited it. Presumably a new version will be able to reject it and start a new valid fork. meanwhile should probablt shut down whatever you can and by no means make nor accept any transactions.
kencausey
Newbie
*
Offline Offline

Activity: 15


View Profile

Ignore
August 15, 2010, 07:30:30 PM
 #5

Related thread: http://bitcointalk.org/index.php?topic=823.0

BC: 1PZdDFSKj2wt1GW6XCQxHH8RUYTV7fHF6n
lfm
Full Member
***
Offline Offline

Activity: 196



View Profile

Ignore
August 15, 2010, 07:34:18 PM
 #6

Im speculating here somewhat but from what I can see someone has generated a transaction, probably using a custom modification of the software to generate a transaction which exploits a weakness in the code. The code check each transaction output for negative numbers individually (up to ver 0.3.8 at least) but forgot to check that the sum of two outputs (where you have the normal output of a transaction and the "change" leftover amount returned to the sender) is negative. So if you put two large but positive values in the transaction the overflow is then only checked that it is less than or equal to the inputs.

Normally the inputs are equal to the outputs of a transaction. The exception is when there is a "fee" charged for the transaction. The net allows anyone to voluntarily pay any amout for a fee. SO when the sum was negative the difference from the input looked like a fee. It slipped thru all the checks. Her is some of the details:
 out Value 1:92233720368.54(7ffffffffff85ee0)
 out Value 2:92233720368.54(7ffffffffff85ee0)

the sum would make -0.01 BTC

generated transaction "reward" including 51 bitcent "fee"
 out Value:50.51(000000012d1024c0)

that implies the input value was 0.50 BTC

aceat64
Full Member
***
Offline Offline

Activity: 123


View Profile WWW

Ignore
August 15, 2010, 07:50:00 PM
 #7

For now I have stopped generating on my nodes.

Don't mess with my network. Or Texas.
Drink Fund: 19BxzWJbwc325MM8NzfVJYjR5Vu54saDpH - Makerspace Donations: 1MakersiNBFMdM5i6R8dgD9pkgMFE6rkAD
President - Dallas Makerspace
NewLibertyStandard
Sr. Member
****
Offline Offline

Activity: 252



View Profile WWW

Ignore
August 15, 2010, 08:29:32 PM
 #8

Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.

Treazant: A Fullever Rewarding Bitcoin - Backup Your Wallet TODAY to Double Your Money! - Dual Currency Donation Address: 1Dnvwj3hAGSwFPMnkJZvi3KnaqksRPa74p
Insti
Sr. Member
****
Offline Offline

Activity: 294


Firstbits: 1duzy


View Profile

Ignore
August 15, 2010, 08:38:16 PM
 #9

Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.
This thread currently has more useful information in it.
NewLibertyStandard
Sr. Member
****
Offline Offline

Activity: 252



View Profile WWW

Ignore
August 15, 2010, 08:42:17 PM
 #10

Let's not keep two different threads open on this subject. Let's move our conversation over to the thread in the dev forum. Moderators, please lock this thread if you agree.
This thread currently has more useful information in it.
Both threads have a link to the other, so usefulness of information doesn't matter. I think the other thread is more appropriate which is why I suggested this one be locked. If a moderator thinks this one is more appropriate, then they should lock the other. Of course if the moderators want both threads going at the same time, that's their prerogative. It's just a suggestion and not really a big deal either way.

Treazant: A Fullever Rewarding Bitcoin - Backup Your Wallet TODAY to Double Your Money! - Dual Currency Donation Address: 1Dnvwj3hAGSwFPMnkJZvi3KnaqksRPa74p
mizerydearia
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
August 20, 2010, 12:57:53 AM
 #11

Here is some information related to the incident that may be used by anyone else if they would dislike.  If you would like to use it then you may not.

In old/corrupt chain:

Block 74637 has timestamp of 1281891763 (Sun Aug 15 11:34:43 CDT 2010)
Block 74638 had timestamp of 1281891957 (Sun Aug 15 12:05:57 CDT 2010)
Block 74639 had timestamp of 1281892233 (Sun Aug 15 12:10:33 CDT 2010)


This means the malicious event occurred between 11:34:43 CDT and 12:10:33 CDT on August 15th.

http://bitcointalk.org/index.php?topic=822.0
August 15, 2010, 01:08:49 PM CDT

This means the malicious event was discovered up to about 1.5hrs after it occurred.

http://bitcointalk.org/index.php?topic=823.msg9524#msg9524
August 15, 2010, 03:39:42 PM CDT

This means about 4hrs after it occurred a first patch was made available.

http://bitcointalk.org/index.php?topic=823.msg9548#msg9548
August 15, 2010, 04:40:19 PM CDT

This means about just over 5hrs after it occurred a path was pushed to svn by satoshi.

5 hours is much more impressive than "within a day." even though the official release of 0.3.10 didn't occur until the next day. =/

I first posted this as a comment to http://www.bitcoinblogger.com/2010/08/bitcoin-issues-security-update-faster.html

Other threads related to the issue:
http://bitcointalk.org/index.php?topic=823.0
http://bitcointalk.org/index.php?topic=827.0
http://bitcointalk.org/index.php?topic=832.0
FreeMoney
Hero Member
*****
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW

Ignore
August 20, 2010, 02:04:47 AM
 #12

Did we get luck or is there a secret pager number that alerts Satoshi to emergencies Smiley

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
mizerydearia
Hero Member
*****
Offline Offline

Activity: 574



View Profile

Ignore
August 20, 2010, 03:02:27 AM
 #13

I heard that the patch was available before Satoshi awakened.
FreeMoney
Hero Member
*****
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW

Ignore
August 20, 2010, 03:41:54 AM
 #14

I heard that the patch was available before Satoshi awakened.

Nice. I shouldn't even have assumed he did it. I know there are lots of people here with skills.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!