path: root/4b/841dc4088ee9302321aa7034021da8c1f3af48
blob: 3b76b7a1cad794ca98a5d8f102c234941b509d6b (plain)
Return-Path: <jimmyjack@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id E845FAC1
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 16 Jul 2015 14:50:16 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pd0-f182.google.com (mail-pd0-f182.google.com
	[209.85.192.182])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 6EAE3137
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 16 Jul 2015 14:50:15 +0000 (UTC)
Received: by pdjr16 with SMTP id r16so45704410pdj.3
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 16 Jul 2015 07:50:15 -0700 (PDT)
X-Received: by 10.68.238.39 with SMTP id vh7mr19807098pbc.12.1437058215159;
	Thu, 16 Jul 2015 07:50:15 -0700 (PDT)
Received: from [10.237.243.222] ([50.141.34.174])
	by smtp.gmail.com with ESMTPSA id
	ml6sm8220019pdb.69.2015.07.16.07.50.13
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Thu, 16 Jul 2015 07:50:14 -0700 (PDT)
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_3B38068F-99E3-4FD8-87FE-8E546A2C52B7"
Mime-Version: 1.0 (Mac OS X Mail 9.0 \(3067\))
From: Me <jimmyjack@gmail.com>
In-Reply-To: <55A7BFF7.2050608@xylon.de>
Date: Thu, 16 Jul 2015 07:50:16 -0700
Message-Id: <57C28E34-7B1C-4501-BB9C-5727862023F3@gmail.com>
References: <24662b038abc45da7f3990e12a649b8a@airmail.cc>
	<55A7BFF7.2050608@xylon.de>
To: Arne Brutschy <abrutschy@xylon.de>
X-Mailer: Apple Mail (2.3067)
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Significant losses by double-spending unconfirmed
	transactions
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jul 2015 14:50:17 -0000


--Apple-Mail=_3B38068F-99E3-4FD8-87FE-8E546A2C52B7
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

> minrelaytxfee setting proposed in the 0.11.0 release notes

My guess: he is talking about this https://bitcoin.org/en/glossary/minimum-relay-fee - slam dunk technique for double-spend



> Related: is there somewhere a chart that plots `estimatefee` over
> time? Would be interesting to see how the fee market evolved over
> these past weeks.

I find this useful: https://bitcoinfees.github.io/





> On Jul 16, 2015, at 7:30 AM, Arne Brutschy via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> 
> Hello,
> 
> What are these pre- and post-Hearn-relay drop rules you are speaking
> about? Can anybody shed some light on this? (I am aware of the
> minrelaytxfee setting proposed in the 0.11.0 release notes, I just
> don't see what this has to do with Mike Hearn, BitcoinXT, and whether
> there's a code change related to this that I missed).
> 
> Related: is there somewhere a chart that plots `estimatefee` over
> time? Would be interesting to see how the fee market evolved over
> these past weeks.
> 
> Regards
> Arne
> 
> On 15/07/15 05:29, simongreen--- via bitcoin-dev wrote:
>> With my black hat on I recently performed numerous profitable
>> double-spend attacks against zeroconf accepting fools. With my
>> white hat on, I'm warning everyone. The strategy is simple:
>>
>> tx1: To merchant, but dust/low-fee/reused-address/large-size/etc.
>> anything that miners don't always accept.
>>
>> tx2: After merchant gives up valuable thing in return, normal tx
>> without triggering spam protections. (loltastically a Mike Hearn
>> Bitcoin XT node was used to relay the double-spends)
>>
>> Example success story: tx1 paying Shapeshift.io with 6uBTC output
>> is not dust under post-Hearn-relay-drop rules, but is dust under
>> pre-Hearn-relay-drop rules, followed by tx2 w/o the output and not
>> paying Shapeshift.io. F2Pool/Eligius/BTCChina/AntPool etc. are all
>> miners who have reverted Hearn's 10x relay fee drop as recommended
>> by v0.11.0 release notes and accept these double-spends.
>> Shapeshift.io lost ~3 BTC this week in multiple txs. (they're no
>> longer accepting zeroconf)
>>
>> Example success story #2: tx1 with post-Hearn-relay drop fee,
>> followed by tx2 with higher fee. Such stupidly low fee txs just
>> don't get mined, so wait for a miner to mine tx2. Bought a silly
>> amount of reddit gold off Coinbase this way among other things. I'm
>> surprised that reddit didn't cancel the "fools-gold" after tx
>> reversal. (did Coinbase guarantee those txs?) Also found multiple
>> Bitcoin ATMs vulnerable to this attack. (but simulated attack with
>> tx2s still paying ATM because didn't want to go to trouble of good
>> phys opsec)
>>
>> Shoutouts to BitPay who did things right and notified merchant
>> properly when tx was reversed.
>>
>> In summary, every target depending on zeroconf is vulnerable and lost
>> significant sums of money to totally trivial attacks with high
>> probability. No need for RBF to do this, just normal variations in
>> miner policy. Shapeshift claims to use Super Sophisticated Network
>> Sybil Attacking Monitoring from Blockcypher, but relay nodes !=
>> miner policy.
>>
>> Consider yourself warned! My hat is whiter than most, and my skills
>> not particularly good.
>>
>> What to do? Users: Listen to the experts and stop relying on
>> zeroconf. Black hats: Profit!
>>
>> _______________________________________________ bitcoin-dev mailing
>> list bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> 
> -- 
> Arne Brutschy <abrutschy@xylon.de>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
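The defensive takeaway from the thread is that "my node relayed it" says nothing about what miners will mine. The check below is an added example (not code from the thread or from Bitcoin Core): it scores an unconfirmed payment against every relay policy the merchant knows of and refuses zeroconf if any of them would reject the tx. It assumes Bitcoin Core's dust rule of that era (dust = value below 3x the fee to spend the output with a 148-byte input) and the two minrelaytxfee values are constructed for illustration.

```python
# Added example, not from the thread: a merchant-side zeroconf risk check.
# A tx your own relay node accepts may still be non-standard for some
# miners, who can then mine a conflicting tx, so test it against every
# policy you know of, not just your own node's.
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class RelayPolicy:
    name: str
    min_relay_fee: int  # minrelaytxfee in satoshi per kB

    def fee_for(self, size_bytes: int) -> int:
        # Core's CFeeRate::GetFee: feerate * size / 1000, integer math
        return self.min_relay_fee * size_bytes // 1000

    def dust_limit(self, output_size: int = 34) -> int:
        # Core's IsDust rule (assumed here): dust if worth less than 3x the
        # fee to spend it, i.e. output bytes plus a 148-byte P2PKH input
        return 3 * self.fee_for(output_size + 148)

@dataclass(frozen=True)
class Payment:
    size_bytes: int
    fee: int                  # satoshi
    outputs: Tuple[int, ...]  # all output values, not only the one to us

def policy_rejects(policy: RelayPolicy, tx: Payment) -> Optional[str]:
    """Reason this policy would refuse to relay or mine tx, or None."""
    if tx.fee < policy.fee_for(tx.size_bytes):
        return f"{policy.name}: fee {tx.fee} sat below minrelaytxfee"
    smallest = min(tx.outputs)
    if smallest < policy.dust_limit():
        return f"{policy.name}: output of {smallest} sat is dust"
    return None

def zeroconf_risk(tx: Payment, policies: List[RelayPolicy]) -> List[str]:
    """All reasons known policies reject tx; an empty list is the minimum
    bar (not a guarantee) before trusting the payment unconfirmed."""
    return [r for r in (policy_rejects(p, tx) for p in policies) if r]

# Constructed policy set: relay nodes on the 10x lower post-drop value,
# miners on the stricter pre-drop value. Both numbers are assumed.
POLICIES = [RelayPolicy("relay-node-post-drop", 1_000),
            RelayPolicy("miner-pre-drop", 10_000)]

if __name__ == "__main__":
    # Constructed tx1 like the post's: 226 bytes, a 600 sat (6 uBTC) output
    for reason in zeroconf_risk(Payment(226, 3_000, (600, 49_000)), POLICIES):
        print("do not accept zeroconf:", reason)
```

With the assumed values the 600 sat output clears the relay node's 546 sat dust line but not the miner's 5460 sat one, which is exactly the gap the first "success story" exploits.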


--Apple-Mail=_3B38068F-99E3-4FD8-87FE-8E546A2C52B7--