[Cryptography] BitCoin bug reported

Natanael natanael.l at gmail.com
Thu Feb 13 18:40:13 EST 2014 

Den 13 feb 2014 23:39 skrev "Phillip Hallam-Baker" <hallam at gmail.com>:
>
> The MtGox people are claiming that the reason they have been offline is a
bug in the BitCoin protocol:
>
> https://www.mtgox.com/press_release_20140210.html
>
> Does anyone with deep knowledge of the protocol know if this is a
credible explanation?
>
> I am getting mighty fed up of a group of people who mouth off constantly
that we can't trust the government but take great offense and try to bully
anyone who asks questions about the scheme.
>
> There are some people in the community that I trust completely. But some
of the names involved in the BitCoin world are people that I know I can;t
trust and neither can anyone else. They have lied to and cheated me, they
have lied to and cheated others.
>
> They are currently using as much electricity as the nation of Cyprus.
This is way beyond a science project. If it continues then in a few years
BitCoin will be taking all the electricity generated by the Three Gorges
Dam project. Which is why I suspect China will soon be introducing condign
punishments for mining.
>
>
> Its not a Ponzi scheme, but the design of the blockchain it pretty
interesting. Since the upper limit on the value of a bitcoin is set by the
cost of electricity to mine it, the value increases as the difficulty of
mining increases. Since that is exponential, there is a built in bubble
factor.
>
> --
> Website: http://hallambaker.com/

Bitcoin handles transactions in the form of inputs and outputs, in a way
that can be compared to taking pieces of gold that previously had been
given to you (inputs), melting it and splitting it into new parts
(outputs). Every input in transactions you make is the output from a
previous one. Every transaction has a hash value that is used to identify
it.

Mt Gox tracked transactions primarily on the hash.

You can modify some parts of the transactions that isn't part of what is
signed, that doesn't change what the transaction does, but that changes the
hash.

So some transactions didn't have the expected hash that Mt Gox were
sending, when they ended up in the blockchain, because somebody was
rebroadcasting modified versions.

So somebody got their coins from Mt Gox, told their support they didn't get
them while pointing at the original hash, and Mt Gox saw that original
transaction hash wasn't in the blockchain, and sent coins again. So the
attacker got their coins twice.

The sane services tracks spent outputs. The modified transactions can still
be identified as spending the same outputs with the same amounts to the
same recipients, proving the recipient got the coins. They would not get
fooled by a transaction hash changing.

On a sidenote, if you ever want to resend coins, then claim the same
outputs as you did before, that way only one of the transactions can get
verified in the blockchain. Otherwise the attacker can rebroadcast the
origin transaction, and it would still be valid. That's why you ALWAYS
should track outputs.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140214/b2964437/attachment.html>

More information about the cryptography mailing list