Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Ucbo5-0007Jb-Lw for bitcoin-development@lists.sourceforge.net; Wed, 15 May 2013 13:31:49 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.223.176 as permitted sender) client-ip=209.85.223.176; envelope-from=etotheipi@gmail.com; helo=mail-ie0-f176.google.com; Received: from mail-ie0-f176.google.com ([209.85.223.176]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Ucbo4-00072N-Gm for bitcoin-development@lists.sourceforge.net; Wed, 15 May 2013 13:31:49 +0000 Received: by mail-ie0-f176.google.com with SMTP id at1so3632730iec.35 for ; Wed, 15 May 2013 06:31:43 -0700 (PDT) X-Received: by 10.50.72.113 with SMTP id c17mr5501484igv.51.1368624703245; Wed, 15 May 2013 06:31:43 -0700 (PDT) Received: from [192.168.1.85] (c-76-111-96-126.hsd1.md.comcast.net. [76.111.96.126]) by mx.google.com with ESMTPSA id wn10sm29733266igb.2.2013.05.15.06.31.42 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 15 May 2013 06:31:42 -0700 (PDT) Message-ID: <51938E35.8040604@gmail.com> Date: Wed, 15 May 2013 09:31:33 -0400 From: Alan Reiner User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5 MIME-Version: 1.0 To: bitcoin-development@lists.sourceforge.net References: <20130515113827.GB26020@savin> <20130515121950.GC26020@savin> In-Reply-To: <20130515121950.GC26020@savin> X-Enigmail-Version: 1.5.1 Content-Type: multipart/alternative; boundary="------------030705080809040303060408" X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (etotheipi[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Ucbo4-00072N-Gm Subject: Re: [Bitcoin-development] 2BTC reward for making probabalistic double-spending via conflicting transactions easy X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 May 2013 13:31:49 -0000 This is a multi-part message in MIME format. --------------030705080809040303060408 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can do this right now, with Armory. If you switch Armory to Expert usermode, you can combine coin-control with unsigned transactions to do exactly this. It's because Armory doesn't "lock" coins used in previous unsigned transactions, until they're actually broadcast and confirmed to be "out in the wild". This was done for simplicity to avoid people getting arbitrarily-locked coins, even though it means you end up accidentally double-spending if you try to create two different unsigned transactions from the same wallet without sign&broadcasting the first one. So here's what you do: (1) Switch to "Expert" usermode in Armory (2) Open any wallet (you don't need a watch-only wallet, full wallet is fine) (3) In the "Send Bitcoins" window, click coin-control (4) Create a transaction using one sufficiently large input (5) Click "Create Unsigned Transaction" and save it (6) Repeat 3-5 with the same coin, but sending to yourself, specify a larger fee (7) Go into "Offline Transactions" and "Sign and Broadcast Transactions" (8) Load tx1, sign & broadcast (9) Load tx2, sign & broadcast This only works if your Bitcoin-Qt/bitcoind client has the replace-by-fee patch, since Armory uses Bitcoin-Qt/bitcoind as a gateway to the network. Otherwise, the second tx will be DOA. But you don't have to mess with Armory other than switching it to Expert mode to get to the coin-control feature. - -Alan P.S. -- If you try this, Armory is likely to not show the second tx as having ever happened (Bitcoin-Qt will send it back to us and we ignore it because we already have a tx). But if your Bitcoin node has the modification, it /will/ reach the network On 05/15/2013 08:19 AM, Peter Todd wrote: > On Wed, May 15, 2013 at 07:38:27AM -0400, Peter Todd wrote: >> So I'm offering 2BTC for anyone who comes up with a nice and easy to use >> command line tool that lets you automagically create one version of the >> transaction sending the coins to the desired recipient, and another >> version sending all the coins back to you, both with the same >> transaction inputs. In addition to creating the two versions, you need >> to find a way to broadcast them both simultaneously to different nodes >> on the network. One clever approach might be to use blockchain.info's >> raw transaction POST API, and your local Bitcoin node. > > Oh, and while we're at it, a good starting point for your work would be > Gavin's spendfrom utility in the contrib/spendfrom directory in the > Bitcoin-QT respository. > > Also please do keep in mind that it's much better for the community if > an attack is demonstrated first, followed by releasing the code some > time later. > > > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d > > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRk441AAoJEBHe6b77WWmFZNQP/02t6cQkhih/CcA1oSCM72np KMRW0Z+piHShORxLyhMX3cIpi3ICJ2lJ/Pm6GfDn74oSHq8wipIFoV88xhy810bL MnJtbPH900v8PHh/ji2nWMig9NibeUa1zV9/tp31rYjUT3mmMoC4yQlyxKII8GWK iignkAHV/UL5kQGmhmr1RKN127cthSMeIzAYWXfIWVObPNm85pvizVZdgqzSK73h vwdfeFOelNbVn8ZCNT19OsxWfAKZSaBMywAX95wQBs0BtY2ZgDRmeXa6MdQKpXGW KP3O2zjjJC2CKc4+L6elMfsoL1doEsk35w/GuI4HZK4MLAI8BChi6ZPnAYjdRvir eHeszyxkKDCEaJ9JPLA/AszqkYHIB+56wTtrpVb1duyTwuqgVT5dcpMPIH8bDqjq k3I8C9zCSeQ6JgyvOd8grKJchRtq0SOWYt2bB3ytePzwOs+W+6mRenb/WtMt2dQg ntDTEIG7pCsWHenipeTBzvJNqeSsAAoIXnkGY20iDxCB+uFkTzisoCQqpOIglArm vD+Cl2nv3OKU3NTVTUt2VinoFskezI7xvsxHD8xs2V/hrlpPbPRAo+l7ER6aTazj wrONfmllHSE2XCM7wb/bX3gBNmsM3zUIgSBmNSH/SQeTy8PvwvlkZ/RRYmtVSmHL rUTp7x4U63JiIDO1jj+T =JiPo -----END PGP SIGNATURE----- --------------030705080809040303060408 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can do this right now, with Armory.   If you switch Armory to Expert usermode, you can combine coin-control with unsigned transactions to do exactly this.  It's because Armory doesn't "lock" coins used in previous unsigned transactions, until they're actually broadcast and confirmed to be "out in the wild".  This was done for simplicity to avoid people getting arbitrarily-locked coins, even though it means you end up accidentally double-spending if you try to create two different unsigned transactions from the same wallet without sign&broadcasting the first one.

So here's what you do:
(1) Switch to "Expert" usermode in Armory
(2) Open any wallet (you don't need a watch-only wallet, full wallet is fine)
(3) In the "Send Bitcoins" window, click coin-control
(4) Create a transaction using one sufficiently large input
(5) Click "Create Unsigned Transaction" and save it
(6) Repeat 3-5 with the same coin, but sending to yourself, specify a larger fee
(7) Go into "Offline Transactions" and "Sign and Broadcast Transactions"
(8) Load tx1, sign & broadcast
(9) Load tx2, sign & broadcast

This only works if your Bitcoin-Qt/bitcoind client has the replace-by-fee patch, since Armory uses Bitcoin-Qt/bitcoind as a gateway to the network. Otherwise, the second tx will be DOA.  But you don't have to mess with Armory other than switching it to Expert mode to get to the coin-control feature.

- -Alan

P.S. -- If you try this, Armory is likely to not show the second tx as having ever happened (Bitcoin-Qt will send it back to us and we ignore it because we already have a tx).  But if your Bitcoin node has the modification, it /will/ reach the network


On 05/15/2013 08:19 AM, Peter Todd wrote:
> On Wed, May 15, 2013 at 07:38:27AM -0400, Peter Todd wrote:
>> So I'm offering 2BTC for anyone who comes up with a nice and easy to use
>> command line tool that lets you automagically create one version of the
>> transaction sending the coins to the desired recipient, and another
>> version sending all the coins back to you, both with the same
>> transaction inputs. In addition to creating the two versions, you need
>> to find a way to broadcast them both simultaneously to different nodes
>> on the network. One clever approach might be to use blockchain.info's
>> raw transaction POST API, and your local Bitcoin node.
>
> Oh, and while we're at it, a good starting point for your work would be
> Gavin's spendfrom utility in the contrib/spendfrom directory in the
> Bitcoin-QT respository.
>
> Also please do keep in mind that it's much better for the community if
> an attack is demonstrated first, followed by releasing the code some
> time later.
>
>
>
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRk441AAoJEBHe6b77WWmFZNQP/02t6cQkhih/CcA1oSCM72np
KMRW0Z+piHShORxLyhMX3cIpi3ICJ2lJ/Pm6GfDn74oSHq8wipIFoV88xhy810bL
MnJtbPH900v8PHh/ji2nWMig9NibeUa1zV9/tp31rYjUT3mmMoC4yQlyxKII8GWK
iignkAHV/UL5kQGmhmr1RKN127cthSMeIzAYWXfIWVObPNm85pvizVZdgqzSK73h
vwdfeFOelNbVn8ZCNT19OsxWfAKZSaBMywAX95wQBs0BtY2ZgDRmeXa6MdQKpXGW
KP3O2zjjJC2CKc4+L6elMfsoL1doEsk35w/GuI4HZK4MLAI8BChi6ZPnAYjdRvir
eHeszyxkKDCEaJ9JPLA/AszqkYHIB+56wTtrpVb1duyTwuqgVT5dcpMPIH8bDqjq
k3I8C9zCSeQ6JgyvOd8grKJchRtq0SOWYt2bB3ytePzwOs+W+6mRenb/WtMt2dQg
ntDTEIG7pCsWHenipeTBzvJNqeSsAAoIXnkGY20iDxCB+uFkTzisoCQqpOIglArm
vD+Cl2nv3OKU3NTVTUt2VinoFskezI7xvsxHD8xs2V/hrlpPbPRAo+l7ER6aTazj
wrONfmllHSE2XCM7wb/bX3gBNmsM3zUIgSBmNSH/SQeTy8PvwvlkZ/RRYmtVSmHL
rUTp7x4U63JiIDO1jj+T
=JiPo
-----END PGP SIGNATURE-----

--------------030705080809040303060408--