Hello all, as some of you may know, a vulnerability has been found in how the Bitcoin reference client deals with duplicate transactions. Exploiting it is rather complex, requires some hash power, and has no financial benefit for the attacker. Still, it's a security hole, and we'd like to fix this as soon as possible.
A simple way to fix this, is adding an extra protocol rule[1]: Do not allow blocks to contain a transaction whose hash is equal to that of a former transaction which has not yet been completely spent. I've written about it in BIP30[2]. There is a patch for the reference client, which has been tested and verified to make the attack impossible. The change is backward compatible in the same way BIP16 is: if a supermajority of mining power implements it, old clients can continue to function without risk. The purpose of this mail is asking for support for adding this rule to the protocol rules. If there is consensus this rule is the solution, I hope pools and miners can agree to update their nodes without lengthy coinbase-flagging procedure that would only delay a solution. So, who is in favor? [1] https://en.bitcoin.it/wiki/Protocol_rules [2] https://en.bitcoin.it/wiki/BIP_0030 -- Pieter ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
