Bitcoin Forum
September 28, 2016, 03:26:18 AM *
News: Latest stable version of Bitcoin Core: 0.13.0 (New!) [Torrent]. Make sure you verify it.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Perhaps a DoS flaw?  (Read 2015 times)
Cheater
Newbie
*
Offline Offline

Activity: 13


View Profile
August 24, 2010, 12:38:53 AM
 #1

Erm I just accidentally sent Bitcoins to myself. It currently has 18 confirmations and the client actually says 'Payment to yourself'.

Couldnt someone make blocks very very large by doing it repeatedly?
It would take a few seconds to make a endless bash loop doing it.

Why can you send coins to yourself?
1475033178
Hero Member
*
Offline Offline

Posts: 1475033178

View Profile Personal Message (Offline)

Ignore
1475033178
Reply with quote  #2

1475033178
Report to moderator
1475033178
Hero Member
*
Offline Offline

Posts: 1475033178

View Profile Personal Message (Offline)

Ignore
1475033178
Reply with quote  #2

1475033178
Report to moderator
1475033178
Hero Member
*
Offline Offline

Posts: 1475033178

View Profile Personal Message (Offline)

Ignore
1475033178
Reply with quote  #2

1475033178
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1475033178
Hero Member
*
Offline Offline

Posts: 1475033178

View Profile Personal Message (Offline)

Ignore
1475033178
Reply with quote  #2

1475033178
Report to moderator
GoldRush
Jr. Member
*
Offline Offline

Activity: 32


View Profile
August 24, 2010, 12:48:17 AM
 #2

Erm I just accidentally sent Bitcoins to myself. It currently has 18 confirmations and the client actually says 'Payment to yourself'.

Couldnt someone make blocks very very large by doing it repeatedly?
It would take a few seconds to make a endless bash loop doing it.

Why can you send coins to yourself?

You could create the same problem with two clients and a script running on each.  The real question that concerns me is:  What happens if someone creates software to create trillions of transactions?  If older transactions are not removed from the transaction chain, then it appears there is a denial of service flaw.
BitLex
Hero Member
*****
Offline Offline

Activity: 588


View Profile WWW
August 24, 2010, 12:58:50 AM
 #3

when u receive 10 coins, and send 5 of em to someone else (another node),
you will also send 5 coins to yourself, without even noticing.

your node splits up the 10coin-transaction into 2, 5coin-transaction to recipient + 5coin-transaction to yourself.
you not only can, the node has to send coins to yourself.

another reason is,
someone else might have access to the address your sending coins to.
imagine services like MyBitcoin, or the markets, they all need to store your funds somewhere and can send balances from one account to another instantly (although transactions still need to get confirmed), without leaving the node.

FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
August 24, 2010, 01:08:05 AM
 #4

Tiny transaction fees will stop a flood attack. Erm, I guess a flooder is in no hurry and as long as someone eventually does them for free, large blocks will be created.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
MoonShadow
Legendary
*
Offline Offline

Activity: 1666



View Profile
August 24, 2010, 01:10:49 AM
 #5

Go ahead and try it.  I'm willing to bet that the transaction fee for large numbers of transactions is going to eat into your balance enough to discourage you from continuing.  And if you refuse the transaction fees, the time delay that will cause for the transactions to show up in the blockchain would limit your abilities.  I'm sure that it would effect the network, but you won't go unnoticed, either.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Cheater
Newbie
*
Offline Offline

Activity: 13


View Profile
August 24, 2010, 01:13:22 AM
 #6

You could create the same problem with two clients and a script running on each.
But one is easier, and the question is why would you send coins to your own address?
It probably shouldnt be allowed.
your node splits up the 10coin-transaction into 2, 5coin-transaction to recipient + 5coin-transaction to yourself.
you not only can, the node has to send coins to yourself.
Thats something I didnt quite know, but the interface probably shouldnt allow it.
without leaving the node.
But using different addresses. You can send from address ABC to ABC right now which is what I did.
BitLex
Hero Member
*****
Offline Offline

Activity: 588


View Profile WWW
August 24, 2010, 01:24:03 AM
 #7

You can send from address ABC to ABC right now which is what I did.
are your sure about that? idk, never tried.

maybe you sent it from ABC to YTG and your GUI just didnt tell ya about YTG,
it says "to yourself" instead, cuz it knows its on the same node.

check your log, it'll tell ya.

GoldRush
Jr. Member
*
Offline Offline

Activity: 32


View Profile
August 24, 2010, 01:32:10 AM
 #8

the time delay that will cause for the transactions to show up in the blockchain would limit your abilities. 

If you send .0000001 bitcoins with each transaction, then starting with a balance of 1000.0 bitcoins would allow you to do quite a few transactions while you are waiting on the others to mature.

So is there simply nothing currently in place to stop a bit-flood?
Cheater
Newbie
*
Offline Offline

Activity: 13


View Profile
August 24, 2010, 01:36:33 AM
 #9

are your sure about that? idk, never tried.
Just did it again. You can definitely send money to the same address you are sending from.
BitLex
Hero Member
*****
Offline Offline

Activity: 588


View Profile WWW
August 24, 2010, 01:44:35 AM
 #10

are your sure about that? idk, never tried.
Just did it again. You can definitely send money to the same address you are sending from.
u did what again?
how do you know, which of your addresses holds exactly those coins your sending?

what does your logfile say?

guess i'm gonna load a fresh install and try myself  Grin

here's another topic about flood-attacks btw, lots of questions already answered
http://bitcointalk.org/index.php?topic=287.0

FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
August 24, 2010, 07:21:59 AM
 #11

the time delay that will cause for the transactions to show up in the blockchain would limit your abilities. 

If you send .0000001 bitcoins with each transaction, then starting with a balance of 1000.0 bitcoins would allow you to do quite a few transactions while you are waiting on the others to mature.

So is there simply nothing currently in place to stop a bit-flood?


We all charge a fee of .01 for transfers less than .01 right now. Not that that changes the issue fundamentally, just stating it.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
August 24, 2010, 07:51:10 AM
 #12

Couldnt someone make blocks very very large by doing it repeatedly?
It would take a few seconds to make a endless bash loop doing it.

I suppose that as soon as transactions fees start to be demanded, that might become "expensive" to do.
And I think the only reason such fees aren't charged right now, it's because the only client that exists doesn't give the user the option to demand them.
So, if bitcoins ever get popular, I believe all transactions would have to pay a fee. Maybe tiny, but something.

Why can you send coins to yourself?

Maybe to merge/split your money among different addresses.

Or another more practical example, suppose your laptop is stolen, and your wallet.dat is in it. If you have a backup, you'd better use it soon to transfer everything to a new address of your own, which is not on the stolen wallet.dat, before the thief does it.

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
August 24, 2010, 07:53:19 AM
 #13

Oh yes, and I forgot, currently the client demands transaction fees for big blocks. So, if you try this, you'll have to pay for it.

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
Insti
Sr. Member
****
Offline Offline

Activity: 294


Firstbits: 1duzy


View Profile
August 24, 2010, 08:36:40 AM
 #14

Erm I just accidentally sent Bitcoins to myself. It currently has 18 confirmations and the client actually says 'Payment to yourself'.

Couldnt someone make blocks very very large by doing it repeatedly?
It would take a few seconds to make a endless bash loop doing it.

Why can you send coins to yourself?

Why should you not be able to send coins to yourself? No-one knows which addresses you control so there is no way of telling if you are sending to yourself anyway.

I encourage you to do this and try to break the Test network.

Good luck!
caveden
Legendary
*
Offline Offline

Activity: 1106



View Profile
August 24, 2010, 08:47:36 AM
 #15

No-one knows which addresses you control so there is no way of telling if you are sending to yourself anyway.

I remember having read something on this forum saying that transfers to self are signed differently, what would allow to identify them.
But I don't know if it's true.

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
Insti
Sr. Member
****
Offline Offline

Activity: 294


Firstbits: 1duzy


View Profile
August 24, 2010, 08:55:49 AM
 #16

No-one knows which addresses you control so there is no way of telling if you are sending to yourself anyway.
I remember having read something on this forum saying that transfers to self are signed differently, what would allow to identify them.
But I don't know if it's true.
They are, (this is bad,) but you can get around it by using another computer with a different wallet file.
Cheater
Newbie
*
Offline Offline

Activity: 13


View Profile
August 25, 2010, 12:00:37 AM
 #17

Ok half of you guys dont quite fully get it.  Tongue

You can send coins from 19yScEhNciCzRsMF1ZECC4Y584rN9Z1dgo to 19yScEhNciCzRsMF1ZECC4Y584rN9Z1dgo.
That is, for some reason, a valid transaction.

I dont mean sending from one address to a different address that you also control, but using the same address.

The transaction fees do eventually kick in, but its a little silly anyway.
MoonShadow
Legendary
*
Offline Offline

Activity: 1666



View Profile
August 25, 2010, 12:20:58 AM
 #18

Ok half of you guys dont quite fully get it.  Tongue


I understood what you were trying to say, but I don't understand why you think that this is a security issue.  From what I can tell, there is no reason, good or bad, to do such a thing; so there is no good reason to code a prohibition.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!