1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <gmaxwell@gmail.com>) id 1WDe9h-0007Cw-IP
for bitcoin-development@lists.sourceforge.net;
Wed, 12 Feb 2014 18:03:29 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.171 as permitted sender)
client-ip=209.85.217.171; envelope-from=gmaxwell@gmail.com;
helo=mail-lb0-f171.google.com;
Received: from mail-lb0-f171.google.com ([209.85.217.171])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WDe9f-0004RV-NN
for bitcoin-development@lists.sourceforge.net;
Wed, 12 Feb 2014 18:03:29 +0000
Received: by mail-lb0-f171.google.com with SMTP id c11so7545933lbj.30
for <bitcoin-development@lists.sourceforge.net>;
Wed, 12 Feb 2014 10:03:21 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.152.27.193 with SMTP id v1mr32560614lag.4.1392228201127;
Wed, 12 Feb 2014 10:03:21 -0800 (PST)
Received: by 10.112.198.34 with HTTP; Wed, 12 Feb 2014 10:03:21 -0800 (PST)
In-Reply-To: <CAH2=CKzNGN7mpe1NLtsLRNSszSD2ZNwjoAsaH40EvGtA5ezDeQ@mail.gmail.com>
References: <CAPg+sBgPG+2AMbEHSRQNFn6FikbRzxkWduj5MSZLz-O6Wh940w@mail.gmail.com>
<20140210030048.GB31925@savin>
<CAH2=CKzNGN7mpe1NLtsLRNSszSD2ZNwjoAsaH40EvGtA5ezDeQ@mail.gmail.com>
Date: Wed, 12 Feb 2014 10:03:21 -0800
Message-ID: <CAAS2fgShVqU+T6q56H2ePZhuHvGgftdXh=zUvgeQRRG2pOP8NQ@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: =?UTF-8?Q?Rune_Kj=C3=A6r_Svendsen?= <runesvend@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(gmaxwell[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WDe9f-0004RV-NN
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] [RFC] [BIP proposal] Dealing with
malleability
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 12 Feb 2014 18:03:29 -0000
On Wed, Feb 12, 2014 at 7:12 AM, Rune Kj=C3=A6r Svendsen <runesvend@gmail.c=
om> wrote:
> Instead of trying to remove the possibility of transaction
> malleability, would it make sense to define a new, "canonical
> transaction hash/ID" (cTxID), which would be a hash of the part of the
> transaction data which we know is not malleable, and have clients use
> this cTxID internally, thus making the traditional transaction hash
> irrelevant for a client to function correctly?
This is fine and good. But it only scratches the surface of the
problems created by malleability, especially for fancier transaction
protocols.
Mutation allows you to invalidate a chain of unconfirmed transaction
by mutating the parent. This breaks any protocol which depends on
creating a precomputed nlocked time refund transaction.
So a canonical ID can be used to prevent some buggy behavior it
doesn't actually fix the problem. Fortunately the non-fixed parts
aren't too critical today.
On Wed, Feb 12, 2014 at 8:22 AM, Alan Reiner <etotheipi@gmail.com> wrote:
> I think the solution is simply to encourage Bitcoin software developers t=
o
> design their software to use this static ID, instead of the full transact=
ion
> hash. If MtGox had talked those IDs instead of the TX ID, their softwa=
re
> would've correctly identified the mutated transactions and there would be
> no problem.
This is incorrect. MtGox was automatically issuing replacement
transactions resulting in double payments.
When you attempt to replace/reissue/cancel a transaction you __MUST__
double-spend the original transaction. If the original transaction has
not been conflicted then it is possible someone will pull the original
transaction out of a hat and both your replacement and the original
will be confirmed. It is not safe at any time to look to see if the
original has been confirmed yet, and if not reissue=E2=80=94 not because
mutation may mean you're looking in the wrong place=E2=80=94 but because th=
e
state of the world could change nano-seconds after you looked.
If you do double-spend the original then there is no chance that both
will go through, you'll have atomic exclusion and only one transaction
or the other will be confirmed.
|