[bitcoin-dev] On the security of softforks
onelineproof at gmail.com
Sat Dec 19 17:46:02 UTC 2015
On Fri, Dec 18, 2015 at 2:47 AM, Jonathan Toomim via bitcoin-dev <
bitcoin-dev at lists.linuxfoundation.org> wrote:
> On Dec 18, 2015, at 10:30 AM, Pieter Wuille via bitcoin-dev <
> bitcoin-dev at lists.linuxfoundation.org> wrote:
> 1) The risk of an old full node wallet accepting a transaction that is
> invalid to the new rules.
> The receiver wallet chooses what address/script to accept coins on.
> They'll upgrade to the new softfork rules before creating an address
> that depends on the softfork's features.
> So, not a problem.
> Mallory wants to defraud Bob with a 1 BTC payment for some beer. Bob runs
> the old rules. Bob creates a p2pkh address for Mallory to use. Mallory
> takes 1 BTC, and creates an invalid SegWit transaction that Bob cannot
> properly validate and that pays into one of Mallory's wallets. Mallory then
> immediately spends the unconfirmed transaction into Bob's address. Bob sees
> what appears to be a valid transaction chain which is not actually valid.
> What do you mean a valid transaction chain? If Bob is fully validating
(even with old software), he should see that Mallory's signature is not on
a transaction with his address.
Do you mean Mallory creates a regular transaction as well as an
Anyone-can-spend segwit transaction that results in double spending in the
Sorry not sure what I'm missing...
> Clueless Carol is one of the 4.9% of miners who forgot to upgrade her
> mining node. Carol sees that Mallory included an enormous fee in his
> transactions, so Carol makes sure to include both transactions in her
> Mallory gets free beer.
> Anything I'm missing?
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
PGP: B6AC 822C 451D 6304 6A28 49E9 7DB7 011C D53B 5647
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bitcoin-dev