public inbox for bitcoindev@googlegroups.com
From: Ben Reeves <support@pi•uk.com>
To: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Duplicate transactions vulnerability
Date: Thu, 1 Mar 2012 10:15:01 +0000
Message-ID: <CAPBPUno7EaUeQHEb6jfR77k==p5_Q5Es8dGQiwmQW+DPSttDuA@mail.gmail.com>
In-Reply-To: <20120229234558.GA6573@vps7135.xlshosting.net>

Yes, you are right. Any fix in DisconnectBlock() has the same potential issues.

I think the exchanges and major merchants need to be made aware that
they must also upgrade. Maybe bundle both BIP16 and BIP30 in 0.6 and
issue an advisory stating that this is a mandatory upgrade for
everyone.

It also might be prudent to have a blockchain repair script ready,
which checks the db for missing coinbase transactions and downloads
them from another peer or block explorer if necessary.

Thank You,
Ben Reeves
www.blockchain.info

On Wed, Feb 29, 2012 at 11:45 PM, Pieter Wuille <pieter.wuille@gmail•com> wrote:
> On Wed, Feb 29, 2012 at 11:00:42PM +0000, Ben Reeves wrote:
>> I'm not sure. What if they use a coinbase of a block that has already matured?
>
> Indeed; duplicate an old coinbase, fork chain without dupe, and spend the old coinbase.
> The 100-blocks maturity will not help against this.
>
> I'm not sure how you intend to fix DisconnectBlock() to prevent this in a backward-
> compatible way, though.
>
> --
> Pieter
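
A minimal sketch of the check such a repair script would run, added here as an example and not part of the original message or of any Bitcoin client. It assumes a simplified transaction index keyed by txid alone, in which disconnecting a block erases its entries; `TxIndex`, `find_missing_coinbases`, `replay` and the txids are constructed for illustration, and the `enforce_bip30` switch shows the BIP30 rule rejecting the duplicate up front.

```python
class TxIndex:
    """Toy transaction index (assumption: one entry per txid, coinbase only)."""
    def __init__(self, enforce_bip30):
        self.enforce_bip30 = enforce_bip30
        self.entries = {}  # txid -> {"height": int, "unspent": bool}

    def connect_block(self, height, coinbase_txid):
        old = self.entries.get(coinbase_txid)
        # BIP30 rule: reject a block containing a txid that matches an
        # earlier transaction which is not yet fully spent.
        if self.enforce_bip30 and old is not None and old["unspent"]:
            return False
        self.entries[coinbase_txid] = {"height": height, "unspent": True}
        return True

    def disconnect_block(self, coinbase_txid):
        # Erasing by txid also discards the earlier entry that the
        # disconnected block had overwritten.
        self.entries.pop(coinbase_txid, None)


def find_missing_coinbases(active_chain, index):
    """Repair check: heights on the active chain whose coinbase has no
    index entry, or whose entry points at a different block."""
    missing = []
    for height, txid in active_chain:
        entry = index.entries.get(txid)
        if entry is None or entry["height"] != height:
            missing.append(height)
    return missing


def replay(enforce_bip30):
    """Connect blocks 1-3, offer block 4 reusing block 1's txid, then reorg it away."""
    index = TxIndex(enforce_bip30)
    chain = [(1, "cb-a"), (2, "cb-b"), (3, "cb-c")]  # constructed txids
    for height, txid in chain:
        index.connect_block(height, txid)
    accepted = index.connect_block(4, "cb-a")  # duplicate of height 1
    if accepted:
        index.disconnect_block("cb-a")  # the fork without the dupe wins
    return accepted, find_missing_coinbases(chain, index)
```

The heights returned by `find_missing_coinbases` are the entries a repair script would need to fetch again from a peer or block explorer.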


