Author: Raúl Martínez 2014-06-10 11:25:05
Published on: 2014-06-10T11:25:05+00:00
A member of the Bitcoin-development mailing list, Raúl Martínez, proposed a possible attack on Bitcoin transactions. The premise of this attack is that some transactions fail to confirm and are eventually purged by Bitcoin nodes due to a lack of fees. In this scenario, Alice is selling a pizza to Bob and he makes the payment with Bitcoin. The goal of the attack is for Alice to store an unconfirmed transaction sent by Bob for a few days, which will not be included in the blockchain due to no fee or other reasons. Bob might resend the payment or just cancel the deal with Alice. A couple of days later, Alice relays the transaction to the network or mines it directly with her own hash power. Bob does not know what is happening and thinks that the transaction was "canceled forever." Alice now has the bitcoins, and Bob does not know what happened with his money.This attack could also work with the Payment Protocol because when using it, Bob does not relay the transaction to the network. It is Alice's job to do it, and Alice stores it and tells Bob to resend the payment. Bob creates another transaction (if it has the same inputs as the first transaction, this does not work) and Alice relays it to the network. Alice comes back a couple of days later and mines with her hash rate the first transaction (the one she did not relay to the network). Alice now has two payments, and Bob does not know what happened.There is no known fix for this problem, and it is unclear if this kind of attack is possible.
Updated on: 2023-06-08T23:49:38.471105+00:00