A recent incident on the Bitcointalk forum has highlighted a
security vulnerability in Bitcoin transactions, specifically targeting the
popular Bitcoin gambling site SatoshiDice. The attack involved an attempt to
reverse an unconfirmed transaction, resulting in the attacker’s original loss
being erased.
The attacker’s strategy was relatively straightforward. They
initially placed a 0.25 BTC bet against SatoshiDice with no transaction fees,
which they intentionally lost. Immediately after receiving the notification of
their loss, they sent another 0.25 BTC transaction to themselves, this time
with a transaction fee, aiming to encourage miners to prioritize the second
transaction over the first. However, this initial strategy failed, forcing the
attacker to adopt a new tactic.
To make the second attempt successful, the attacker
deliberately made the transaction “spammy” by splitting the funds
into twenty inputs of 0.01 BTC each. They then tried to overwrite the initial
transaction with a 0.20 BTC transaction to themselves, offering a generous
0.004 BTC fee. This time, the mining pool BTC Guild confirmed the second
transaction over the first, resulting in the attacker’s original loss
disappearing.
It is crucial to note that this incident does not undermine
the overall security of Bitcoin as a whole, except for a limited number of
applications. Bitcoin transactions have two confirmation stages: network
propagation, which takes a few seconds, and block confirmation, which takes
approximately ten minutes. Most Bitcoin-accepting businesses wait for one block
confirmation before finalizing transactions, which protects them from such
attacks.
For vendors selling physical goods and online services,
fraudulent transactions can be easily canceled even hours after the original
payment notification. In the case of consumable digital goods, providers
typically take up to 30 minutes to deliver the goods, allowing time for
confirmation or implementing patches to address the issue. The current practice
of instant confirmations can still be maintained from the customer’s
perspective, providing reassurance that the transaction has successfully
reached the merchant.
Digital download stores offering instant downloads are also
safeguarded against significant monetary loss. Since digital goods have minimal
marginal costs, attempts to force refunds through this technique are comparable
to downloading them through torrent networks. The impact on honest customers
and artists remains negligible.
To address this vulnerability, businesses can implement
simple solutions such as waiting for one block confirmation before processing
irreversible actions. Companies like SatoshiDice have already taken steps to
address the issue by requiring transaction fees for incoming bets. Other
measures include employing software solutions like ZipConf, which broadcasts
the initial transaction quickly to the network, making subsequent conflicting
transactions less likely to gain traction.
By cooperating with miners and Bitcoin developers,
businesses can introduce patches that prioritize older transactions over
conflicting ones, providing an added layer of defense. While this attack
presents a challenge, it is manageable with the community’s concerted effort to
patch vulnerabilities and ensure the security of Bitcoin transactions.
Leave a Reply