Author: odinn 2015-09-29 19:54:41
Published on: 2015-09-29T19:54:41+00:00
In a post on the bitcoin-dev mailing list, Jonathan Toomim of Toomim Brothers warns of an attack that can be performed by miners who have not upgraded to version 0.11. The attack involves double-spending coins in a way that nodes running version 0.11 will recognise as invalid but nodes running older versions of the software will accept as valid. This would cause honest nodes to start reorganising their chains from the point at which the double-spend occurs, whilst dishonest miners continue to build on the "bad" chain. SPV clients will appear to behave normally and show new transactions and get confirmations in a timely fashion, however, they will be systematically susceptible to attack from double-spends that attempt to spend funds in a way that the upgraded nodes will reject. These transactions will appear to get one confirmation then regress to zero conf every single time. If an attacker thinks he could get more than 25 BTC of double-spends per block, he might even choose to mine with the obsolete version in order to get predictable orphans and to trick SPV clients and fully verifying wallets on the old version.
Updated on: 2023-06-10T23:15:38.803580+00:00