summaryrefslogtreecommitdiff
path: root/80/3fdaccc2df38f32cbaf5c12652711f9dd1726b
blob: 8aa2c27825b27bff034227ef112c49fb5ad342f7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <pete@petertodd.org>) id 1YwE83-00065w-7c
	for bitcoin-development@lists.sourceforge.net;
	Sat, 23 May 2015 18:26:35 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of petertodd.org
	designates 62.13.148.100 as permitted sender)
	client-ip=62.13.148.100; envelope-from=pete@petertodd.org;
	helo=outmail148100.authsmtp.co.uk; 
Received: from outmail148100.authsmtp.co.uk ([62.13.148.100])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1YwE7z-0003Pe-EH for bitcoin-development@lists.sourceforge.net;
	Sat, 23 May 2015 18:26:35 +0000
Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237])
	by punt15.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t4NIQPpR034637
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 23 May 2015 19:26:25 +0100 (BST)
Received: from savin.petertodd.org (75-119-251-161.dsl.teksavvy.com
	[75.119.251.161]) (authenticated bits=128)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t4NIQLHv059308
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 23 May 2015 19:26:24 +0100 (BST)
Date: Sat, 23 May 2015 14:26:21 -0400
From: Peter Todd <pete@petertodd.org>
To: bitcoin-development@lists.sourceforge.net
Message-ID: <20150523182621.GA12761@savin.petertodd.org>
References: <20150212064719.GA6563@savin.petertodd.org>
	<20150504043601.GA14728@savin.petertodd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="rwEMma7ioTxnRzrJ"
Content-Disposition: inline
In-Reply-To: <20150504043601.GA14728@savin.petertodd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 38242312-0179-11e5-9f74-002590a135d3
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd
	P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXQZ1
	LRkAXVBSFQB4ABUL BBgUUB08cABYeX95 e0RnX25aWkVlcE56
	XU8aUWl4HAYcECYf VUlbdwsadwJIeFFG YlJ7VnAMY3gHZ31p
	WlZqMm10bDsAdGEN GltQfAobGB1WEmUq fR0aGTwkEAgPVmA9
	IhFuNAZaRR5XaA13 eWAsQ1MfLgRaJgpl V0hRHCZSJBEPRjom
	AUoSGAY3FCZaCSFb HBAsQFdWCyZTUyxE HwNCRVkCGyJeTChO
	R35UTjEkB1syb11t eg4eLQo2Ght2eyYF BBseDmJeShI+OUwG
	HEolEyMgPEVyWl9P IlJy
X-Authentic-SMTP: 61633532353630.1024:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 75.119.251.161/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1YwE7z-0003Pe-EH
Subject: [Bitcoin-development] Replace-by-fee v0.10.2 - Serious DoS attack
 fixed! - Also novel variants of existing attacks w/ Bitcoin XT and Android
 Bitcoin Wallet
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 23 May 2015 18:26:35 -0000


--rwEMma7ioTxnRzrJ
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

My replace-by-fee patch is now available for the Bitcoin Core v0.10.2
release:

    https://github.com/petertodd/bitcoin/tree/replace-by-fee-v0.10.2

This release fixes a serious DoS attack present in previous releases.
Upgrading is strongly recommended for relay nodes, and mandatory for
miners. Users of Luke-Jr's gentoo distribution should either disable RBF
until a patch is released, or run their node behind a patched node.

Previously replacements that spent outputs the transactions they
conflicted with would be accepted. This would lead to orphaned
transactions in the mempool, a potential bandwidth DoS attack for relay
nodes, and even worse, on mining nodes would cause Bitcoin to crash when
CreateNewBlock() was called.

Thanks goes to to Suhas Daftuar for finding this issue.


Additionally, while investigating this issue I found that
Andresen/Harding's relay doublespends patch=B9, included in Bitcoin XT=B2,
also fails to verify that doublespends don't spend outputs of the
transactions they conflict with. As the transactions aren't accepted to
the mempool the issue is simply a variant of the bandwidth DoS attack
that's a well-known issue of Bitcoin XT. However, interestingly in
testing I found that Schildbach's Android Bitcoin Wallet=B3 fails to
detect this case, and displays the transaction as a valid unconfirmed
transaction, potentially leading to the user being defrauded with a
doublespend.  While a well-known issue in general - Schildbach's
implementation trusts peers to only send it valid transactions and
doesn't even detect doublespends it receives from peers - it's
interesting how in this case the attacker doesn't need to also do a
sybil attack.

1) https://github.com/bitcoin/bitcoin/pull/3883
2) https://github.com/bitcoinxt/bitcoinxt
3) https://play.google.com/store/apps/details?id=3Dde.schildbach.wallet

--=20
'peter'[:-1]@petertodd.org
0000000000000000026ca21b4a83e1a818be96db4b532b7e9be2f60d47efff0a

--rwEMma7ioTxnRzrJ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQGrBAEBCACVBQJVYMZIXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDAxMDcwNTFjNDhhYzA5NjNhN2QzM2I1M2Y3NTllMTVmNGNk
ZDYyNDk5ZTAzMDcwZDUvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfv0RAf+OIqDXO1+sfD18Yjn7k0w2sn8
AfEgRvyZJ3d6XBT7REtM8wh6V0ljKx7bIrPPW91vQFl+4bIvWFnrMVfq4iRbLhd6
J9N26A7al+sMhO/UFpUl1BaMjMGkvt9Qi6aahcQxvNGn43ne4Rd09VvXwM8bsXDD
Cnx2InWhvuPYDWWU3QHSr87xLUWCSRFUQncsMfUHibwHxCcPSrPDAcajqxCEnjV7
WT46A3e/sFCysGX06ujVUBEQ0jR+K/I+vF1HY9fQ2g90pYTcIgj8sP76XWHDtFjY
POyOo+7bqBvP4+HD1hlBph3SoEd8yy9zKzj6ZB4bGrQcwv/+5mUBN3WfFwJzMg==
=KUHR
-----END PGP SIGNATURE-----

--rwEMma7ioTxnRzrJ--