Author: Pieter Wuille 2012-02-28 16:48:39
Published on: 2012-02-28T16:48:39+00:00
There has been a security vulnerability found in the Bitcoin reference client when dealing with duplicate transactions. Although exploiting it is complex, and has no financial benefit to the attacker, it is still a security hole that needs to be fixed as soon as possible. One solution to fix this issue is by adding an extra protocol rule which disallows blocks to contain a transaction hash that is equal to that of a former transaction which has not yet been completely spent. This protocol rule has been written about in BIP30. There is a patch for the reference client which has been tested and verified to make the attack impossible, and the change is backward compatible in the same way as BIP16. If a supermajority of mining power implements this change, old clients can continue to function without risk. The purpose of this mail is to ask for support for adding this rule to the protocol rules. If there is consensus that this rule is the solution, the hope is that pools and miners can agree to update their nodes without a lengthy coinbase-flagging procedure that would only delay a solution.
Updated on: 2023-05-18T23:07:12.476457+00:00