[Bitcoin-development] Double-Spending Fast Payments in Bitcoin due to Client versions 0.8.1
Arthur Gervais
arthur.gervais at inf.ethz.ch
Thu Jun 27 10:23:34 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear Bitcoin developers,
We would like to report a vulnerability which might lead, under some
assumptions, to a double-spending attack in a fast payment scenario.
The vulnerability has been introduced due to signature encoding
incompatibilities between versions 0.8.2 (or 0.8.3) and earlier
Bitcoin versions.
Please find at the following link a detailed description of this
vulnerability:
ftp://ftp.inf.ethz.ch/pub/publications/tech-reports/7xx/789.pdf
We contacted and informed Gavin earlier about this problem.
With best regards,
Arthur Gervais
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQEcBAEBAgAGBQJRzBKLAAoJEI2AYXeasI8/eNYH/2b45o8JPjuiOXeE0MgiYO4g
HgGorNBvH3hLlSZkGh/7GxeGWi3tiEq8DKAgqFd8p+1Ay4YVHK86jJMBxAc8lzpx
TqS6Szrhlx7slamMGhjeem4BJ2RmfVqSRQjidYxwdee8bMQRVH5DiBzndpZwCeHa
AvlP8ojTUFozOJs5PvjEqE+sDKDe5nDC96uiZyMROK8neoiLZpJzV3+ScTUjLCeB
zg34wttX80WKpkXJFvq88FTIvO5E42NGP3APnt2J/HZcey4Mi9UIhLt+/TJ7Z07l
HuxFlzyXdCgRkJWvU13yn8bUP0cbeoox6Cwn7rDAIisVLn4KB9XPThPjfJbKEkg=
=Y6bs
-----END PGP SIGNATURE-----
More information about the bitcoin-dev
mailing list