Author: Jorge Timón 2015-04-24 08:55:57
Published on: 2015-04-24T08:55:57+00:00
A user wrote to Pieter Wuille, a Bitcoin developer, asking about the possibility of altering transaction IDs (txids). While acknowledging that all current Bitcoin transactions are malleable, the user wondered how easy it is for anyone to alter txids and whether the system can still function optimally. Wuille confirmed that an attacker who has financial gain from malleation could easily alter the txid, requiring a sender to re-sign their transaction. Furthermore, Wuille said that after BIP62, senders will be able to protect others from malleating. The user then asked whether there were any efforts to make the system's txids non-malleable, given the potential impact on security, as he was trying to build a Bitcoin contract that relies on three things: coinjoin/txes with inputs from multiple users signed by all users after they are merged together, pre-signed txes with nLockTime, and P2SH. Wuille explained that while transaction malleability could affect the system, it does not fully rely on non-malleable txids. The three pieces of the Bitcoin protocol mentioned above will be supported in any future transaction version or block version, regardless of changes made or features added to Bitcoin Core. Wuille also highlighted some of the risks involved in using pre-signed txes with nLockTime, whereby coins may be locked if a server disappears before the altered/modified txid gets confirmed. He suggested that one way to mitigate this risk would be to require a signature from both parties before broadcasting the transaction. Finally, Wuille provided a link to a video explaining several aspects of malleability, which he believed was very relevant and would hopefully clear up some doubts.
Updated on: 2023-06-09T19:09:38.882623+00:00