[Bitcoin-development] [RFC] [BIP proposal] Dealing with malleability

Alan Reiner etotheipi at gmail.com
Wed Feb 12 18:21:23 UTC 2014

We're talking about two slightly different things.  If their system had
tracked by inputs and outputs (or some kind of static ID) , their system
wouldn't have been issuing refunds/replacements/cancellations in the first

I agree with you that the reissuing code should also guarantee that both TX
can't be valid... But really their system should do both.   Without the I/O
based tracking their bookkeeping will be off, regardless of the reissuing
code,  because they can't properly associate outgoing transactions with
customer accounts/actions.

Sent from my overpriced smartphone
On Feb 12, 2014 1:06 PM, "Gregory Maxwell" <gmaxwell at gmail.com> wrote:

On Wed, Feb 12, 2014 at 7:12 AM, Rune Kjær Svendsen <runesvend at gmail.com>
> Instead of trying to remove the possibility of transaction
> malleability, would it make sense to define a new, "canonical
> transaction hash/ID" (cTxID), which would be a hash of the part of the
> transaction data which we know is not malleable, and have clients use
> this cTxID internally, thus making the traditional transaction hash
> irrelevant for a client to function correctly?

This is fine and good. But it only scratches the surface of the
problems created by malleability, especially for fancier transaction

Mutation allows you to invalidate a chain of unconfirmed transaction
by mutating the parent. This breaks any protocol which depends on
creating a precomputed nlocked time refund transaction.

So a canonical ID can be used to prevent some buggy behavior it
doesn't actually fix the problem. Fortunately the non-fixed parts
aren't too critical today.

On Wed, Feb 12, 2014 at 8:22 AM, Alan Reiner <etotheipi at gmail.com> wrote:
> I think the solution is simply to encourage Bitcoin software developers to
> design their software to use this static ID, instead of the full
> hash.    If MtGox had talked those IDs instead of the TX ID, their
> would've correctly identified the mutated transactions and there would be
> no problem.

This is incorrect.  MtGox was automatically issuing replacement
transactions resulting in double payments.

When you attempt to replace/reissue/cancel a transaction you __MUST__
double-spend the original transaction. If the original transaction has
not been conflicted then it is possible someone will pull the original
transaction out of a hat and both your replacement and the original
will be confirmed.  It is not safe at any time to look to see if the
original has been confirmed yet, and if not reissue-- not because
mutation may mean you're looking in the wrong place-- but because the
state of the world could change nano-seconds after you looked.

If you do double-spend the original then there is no chance that both
will go through, you'll have atomic exclusion and only one transaction
or the other will be confirmed.

Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience.  Start now.
Bitcoin-development mailing list
Bitcoin-development at lists.sourceforge.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140212/332272c2/attachment.html>

More information about the bitcoin-dev mailing list