[Bitcoin-development] Duplicate transactions vulnerability

[Ben Reeves]

One more thing to add. The implementation in the reference patch fixes
the blockchain forking issue however by still allowing spent coinbases
to be disconnected patched clients are still vulnerable to blockchain
corruption. While not an immediate issue it would mean
LoadBlockIndex() would error on restart and could cause problems for
new clients during the initial blockchain download.

Is there a reason not to disallow duplicate coinbases entirely?

On Thu, Mar 1, 2012 at 10:15 AM, Ben Reeves <support at pi.uk.com> wrote:
> Yes you are right. Any fix in DisconnectBlock() has the same potential issues.
>
> I think the exchanges and major merchants need to be made aware that
> they must also upgrade. Maybe bundle both BIP16 and BIP30 in 0.6 and
> issue an advisory stating that this is a mandatory upgrade for
> everyone.
>
> It also might be prudent to have a blockchain repair script ready,
> which checks the db for missing coinbase transactions and downloads
> them from another peer or block explorer if necessary.
>
> Thank You,
> Ben Reeves
> www.blockchain.info
>
> On Wed, Feb 29, 2012 at 11:45 PM, Pieter Wuille <pieter.wuille at gmail.com> wrote:
>> On Wed, Feb 29, 2012 at 11:00:42PM +0000, Ben Reeves wrote:
>>> I'm not sure. What if they use a coinbase of a block that has already matured?
>>
>> Indeed; duplicate an old coinbase, fork chain without dupe, and spend the old coinbase.
>> The 100-blocks maturity will not help against is.
>>
>> I'm not sure how you intend to fix DisconnectBlock() to prevent this in a backward-
>> compatible way, though.
>>
>> --
>> Pieter