Author: Sergio Demian Lerner 2018-08-14 15:26:25
Published on: 2018-08-14T15:26:25+00:00
The author proposes a new idea to fix the MERKLEBLOCK command in order to prevent rogue peers from attacking SPV peers using Bitcoin's Merkle tree structure flaws. The proposed solution is a network protocol improvement that limits the attacker's ability to supply chosen-hash digests in order to build a transaction. The idea is to store a pre-image of A, or SHA256(X), instead of storing A in the merkleblock structure. Verifiers (SPV nodes) would apply a single SHA256() operation to the left-sided terminal hashes before combining them. This change could be implemented through a new command MERKLEBLOCK2 or by using the protocol version to differentiate between the two modes of the MERKLEBLOCK command. If the idea gets community support, the author may write the BIP/code or invite anyone to do it. The proposal aims to avoid the coordination problem that could arise from the old idea to soft-fork Bitcoin to make invalid 64-byte transactions.
Updated on: 2023-05-20T17:33:55.466365+00:00