Replace-by-fee v0.10.2 - Serious DoS attack fixed! - Also novel variants of existing attacks w/ Bitcoin XT and Android Bitcoin Wallet



Summary:

Peter Todd has released a replace-by-fee patch for the Bitcoin Core v0.10.2 release, which fixes a serious Denial of Service (DoS) attack present in previous releases. Upgrading is mandatory for miners and strongly recommended for relay nodes. Previously, replacements that spent outputs of the transactions they conflicted with were accepted, leaving orphaned transactions in the mempool. For relay nodes this allowed a potential bandwidth DoS attack, while on mining nodes Bitcoin would crash when CreateNewBlock() was called. The issue was found by Suhas Daftuar. Todd also discovered an issue with Andresen/Harding's relay doublespends patch included in Bitcoin XT, which fails to verify that doublespends don't spend outputs of the transactions they conflict with. Schildbach's Android Bitcoin Wallet fails to detect this case and displays the transaction as a valid unconfirmed transaction, potentially allowing the user to be defrauded with a doublespend.
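The acceptance rule described above, sketched as an added example; it is not code from the patch or from Bitcoin Core. The `Mempool`, `Tx`, `Evicted` and `ReplacementAllowed` names and the simplified transaction model are assumptions, and the check goes slightly beyond the summary by also covering descendants of the conflicting transactions, since those are evicted along with them.

```cpp
#include <map>
#include <set>
#include <string>
#include <utility>
#include <vector>

// Simplified model (assumption): a transaction is an id plus the outpoints it spends.
using OutPoint = std::pair<std::string, int>;  // (txid, output index)
struct Tx { std::string id; std::vector<OutPoint> inputs; };

class Mempool {
    std::map<OutPoint, std::string> spender_;  // outpoint -> id of mempool tx spending it
public:
    void Add(const Tx& tx) {
        for (const auto& in : tx.inputs) spender_[in] = tx.id;
    }
    // Everything accepting `cand` would evict: direct conflicts and their descendants.
    std::set<std::string> Evicted(const Tx& cand) const {
        std::set<std::string> out;
        std::vector<std::string> work;
        for (const auto& in : cand.inputs) {
            auto it = spender_.find(in);
            if (it != spender_.end()) work.push_back(it->second);
        }
        while (!work.empty()) {
            const std::string id = work.back(); work.pop_back();
            if (!out.insert(id).second) continue;  // already visited
            for (const auto& kv : spender_)
                if (kv.first.first == id) work.push_back(kv.second);
        }
        return out;
    }
    // A replacement spending an output of a tx it evicts would be orphaned: reject it.
    bool ReplacementAllowed(const Tx& cand) const {
        const std::set<std::string> evicted = Evicted(cand);
        for (const auto& in : cand.inputs)
            if (evicted.count(in.first)) return false;
        return true;
    }
};

int main() {
    Mempool pool;  // constructed sample: A spends (utxo,0), B spends A's output 0
    pool.Add(Tx{"A", {{"utxo", 0}}});
    pool.Add(Tx{"B", {{"A", 0}}});
    const Tx ok{"R1", {{"utxo", 0}}};             // plain replacement of A
    const Tx bad{"R2", {{"utxo", 0}, {"A", 1}}};  // conflicts with A, spends A's output
    return (pool.ReplacementAllowed(ok) && !pool.ReplacementAllowed(bad)) ? 0 : 1;
}
```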


Updated on: 2023-06-09T21:16:34.591671+00:00