[Bitcoin-development] 2BTC reward for making probabalistic double-spending via conflicting transactions easy

Alan Reiner etotheipi at gmail.com
Wed May 15 13:31:33 UTC 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can do this right now, with Armory.   If you switch Armory to Expert
usermode, you can combine coin-control with unsigned transactions to do
exactly this.  It's because Armory doesn't "lock" coins used in previous
unsigned transactions, until they're actually broadcast and confirmed to
be "out in the wild".  This was done for simplicity to avoid people
getting arbitrarily-locked coins, even though it means you end up
accidentally double-spending if you try to create two different unsigned
transactions from the same wallet without sign&broadcasting the first one.

So here's what you do:
(1) Switch to "Expert" usermode in Armory
(2) Open any wallet (you don't need a watch-only wallet, full wallet is
fine)
(3) In the "Send Bitcoins" window, click coin-control
(4) Create a transaction using one sufficiently large input
(5) Click "Create Unsigned Transaction" and save it
(6) Repeat 3-5 with the same coin, but sending to yourself, specify a
larger fee
(7) Go into "Offline Transactions" and "Sign and Broadcast Transactions"
(8) Load tx1, sign & broadcast
(9) Load tx2, sign & broadcast

This only works if your Bitcoin-Qt/bitcoind client has the
replace-by-fee patch, since Armory uses Bitcoin-Qt/bitcoind as a gateway
to the network. Otherwise, the second tx will be DOA.  But you don't
have to mess with Armory other than switching it to Expert mode to get
to the coin-control feature.

- -Alan

P.S. -- If you try this, Armory is likely to not show the second tx as
having ever happened (Bitcoin-Qt will send it back to us and we ignore
it because we already have a tx).  But if your Bitcoin node has the
modification, it /will/ reach the network


On 05/15/2013 08:19 AM, Peter Todd wrote:
> On Wed, May 15, 2013 at 07:38:27AM -0400, Peter Todd wrote:
>> So I'm offering 2BTC for anyone who comes up with a nice and easy to use
>> command line tool that lets you automagically create one version of the
>> transaction sending the coins to the desired recipient, and another
>> version sending all the coins back to you, both with the same
>> transaction inputs. In addition to creating the two versions, you need
>> to find a way to broadcast them both simultaneously to different nodes
>> on the network. One clever approach might be to use blockchain.info's
>> raw transaction POST API, and your local Bitcoin node.
>
> Oh, and while we're at it, a good starting point for your work would be
> Gavin's spendfrom utility in the contrib/spendfrom directory in the
> Bitcoin-QT respository.
>
> Also please do keep in mind that it's much better for the community if
> an attack is demonstrated first, followed by releasing the code some
> time later.
>
>
>
>
------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRk441AAoJEBHe6b77WWmFZNQP/02t6cQkhih/CcA1oSCM72np
KMRW0Z+piHShORxLyhMX3cIpi3ICJ2lJ/Pm6GfDn74oSHq8wipIFoV88xhy810bL
MnJtbPH900v8PHh/ji2nWMig9NibeUa1zV9/tp31rYjUT3mmMoC4yQlyxKII8GWK
iignkAHV/UL5kQGmhmr1RKN127cthSMeIzAYWXfIWVObPNm85pvizVZdgqzSK73h
vwdfeFOelNbVn8ZCNT19OsxWfAKZSaBMywAX95wQBs0BtY2ZgDRmeXa6MdQKpXGW
KP3O2zjjJC2CKc4+L6elMfsoL1doEsk35w/GuI4HZK4MLAI8BChi6ZPnAYjdRvir
eHeszyxkKDCEaJ9JPLA/AszqkYHIB+56wTtrpVb1duyTwuqgVT5dcpMPIH8bDqjq
k3I8C9zCSeQ6JgyvOd8grKJchRtq0SOWYt2bB3ytePzwOs+W+6mRenb/WtMt2dQg
ntDTEIG7pCsWHenipeTBzvJNqeSsAAoIXnkGY20iDxCB+uFkTzisoCQqpOIglArm
vD+Cl2nv3OKU3NTVTUt2VinoFskezI7xvsxHD8xs2V/hrlpPbPRAo+l7ER6aTazj
wrONfmllHSE2XCM7wb/bX3gBNmsM3zUIgSBmNSH/SQeTy8PvwvlkZ/RRYmtVSmHL
rUTp7x4U63JiIDO1jj+T
=JiPo
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130515/9f78f5e6/attachment.html>

More information about the bitcoin-dev mailing list