david wong

Hey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

Bitcoin Exchanges Under ‘Massive and Concerted Attack’ posted February 2014

The transaction malleability problem which troubled Mtgox a few days ago has also made Bitstamp shutdown.

Apparently a large scale attack using this problem is going on on multiple exchanges.

Antonopoulos, who is the chief security officer of Blockchain.info, said a DDoS attack is taking Bitcoin’s transaction malleability problem and applying it to many transactions in the network, simultaneously.

The article on coindesk here

It's interesting to watch actually, submit a transaction to the network at the moment and there's a rogue node that will mess with the padding of the signatures and rebroadcast it faster than the original. It confuses the reference client into duplicate display, which is what Gox is relying on for the failed/success display. That they're winning races over the normal related transactions isn't that unnatural as the transaction processing stuff has a 100ms sleep() in the middle of it.

From the discussion over at HN

PS : apparemment l'erreur a été corrigé il y a un an sur le client bitcoin officiel ici

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Comments

leave a comment...