Date: Wed, 15 Jul 2015 11:18:25 -0400
From: Peter Todd
To: Tom Harding
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Significant losses by double-spending unconfirmed transactions
Message-ID: <20150715151825.GB20029@savin.petertodd.org>
In-Reply-To: <55A66FA9.4010506@thinlink.com>

On Wed, Jul 15, 2015 at 07:35:21AM -0700, Tom Harding via bitcoin-dev wrote:
>
> You perform a valuable service with your demonstration, but you
> neglected to include the txid's to show that you actually did it.
> Your advice is must-follow for anyone relying on an unconfirmed tx: it
> must pay a good fee and be highly relayable/minable.

Actually, I was looking at what I believe was (part of?) this attack
yesterday in the logs on my full-RBF nodes and the txs involved *did*
have good fees and were highly relayable/minable - the double-spent txs
had near 100% propagation on blockchain.info (who has unfortunately
purged the relevant data already).

Shapeshift.io depends on Blockcypher's "confidence factor" model(1)
under the hood - yet another one of those sybil attacking network
monitoring things - to estimate tx confirmation probability by looking
at the % of nodes a tx has propagated to. But miners frequently use
customized Bitcoin Core codebases that don't follow normal policies, so
those measurements don't actually tell you what you need to know.

Shapeshift confirmed(2) the attack - confirming that they disabled
unconfirmed tx acceptance - said they're going to "improve" their
system...
It'll be interesting to see what that actually entails.

1) https://medium.com/blockcypher-blog/from-zero-to-hero-bitcoin-transactions-in-8-seconds-7c9edcb3b734

2) https://www.reddit.com/r/Bitcoin/comments/3ddkhy/bitcoindev_significant_losses_by_doublespending/ct468p7

-- 
'peter'[:-1]@petertodd.org
000000000000000010bf087ed645cba129e2523930d5cde636ddbae9e03aef9c