📅 Original date posted:2011-08-18
🗒️ Summary of this message: The lessons from a Bitcoin attack are to not accept 1-confirmation transactions and to be well-connected, but also to not trust information from only one peer.
📝 Original message:On Thu, 2011-08-18 at 10:00 -0400, Gavin Andresen wrote:
> The lessons are "don't accept 1-confirmation transactions" and "try
> to be well-connected."
>
> But maybe the deeper lesson is "don't trust information you get from
> only one peer." Or maybe "watch for peers that are trying to fool
> you."
This particular attack seems quite dependant on the target not using the
deposit Tx as input. I believe this whole class of attacks become
ineffective if each account has it's own separate wallet.
Also, receiving a block with a transaction that hasn't been broadcast to
the network is in itself quite suspect. Are there cases where that
happens legitimately? Perhaps in such a case, don't treat the block it
came in as a confirmation at all. Instead, start counting from the next
one.
- Joel
Joel Joonatan Kaartinen [ARCHIVE] /
npub165…48xrx
2023-06-07 02:16:25
in reply to nevent1q…yza6
Author Public Key
npub1654pkuj4rway0043gcu6rdh4umxescp7ew42d2czqvts3kwvg3esc48xrxPublished at
2023-06-07 02:16:25Event JSON
{
"id": "607f2c7ac00347dccf896bfc7bdf1e2d90c5799e4b7e2878f45db0334c6ba960",
"pubkey": "d52a1b72551bba47beb14639a1b6f5e6cd98603ecbaaa6ab02031708d9cc4473",
"created_at": 1686104185,
"kind": 1,
"tags": [
[
"e",
"dd2bd651f69ea303806455734fc808b7cc754a844f6c0cd64050fdba6244fb9a",
"",
"root"
],
[
"e",
"696a8f959f605d9047c1e9e68c29ebac22932c0cac8266fe5be4149fbe04a03c",
"",
"reply"
],
[
"p",
"857f2f78dc1639e711f5ea703a9fc978e22ebd279abdea1861b7daa833512ee4"
]
],
"content": "📅 Original date posted:2011-08-18\n🗒️ Summary of this message: The lessons from a Bitcoin attack are to not accept 1-confirmation transactions and to be well-connected, but also to not trust information from only one peer.\n📝 Original message:On Thu, 2011-08-18 at 10:00 -0400, Gavin Andresen wrote:\n\u003e The lessons are \"don't accept 1-confirmation transactions\" and \"try\n\u003e to be well-connected.\"\n\u003e \n\u003e But maybe the deeper lesson is \"don't trust information you get from\n\u003e only one peer.\" Or maybe \"watch for peers that are trying to fool\n\u003e you.\"\n\nThis particular attack seems quite dependant on the target not using the\ndeposit Tx as input. I believe this whole class of attacks become\nineffective if each account has it's own separate wallet.\n\nAlso, receiving a block with a transaction that hasn't been broadcast to\nthe network is in itself quite suspect. Are there cases where that\nhappens legitimately? Perhaps in such a case, don't treat the block it\ncame in as a confirmation at all. Instead, start counting from the next\none.\n\n- Joel",
"sig": "e4a2e423558913ffdbf754327cacf354116658918a9d62b1a22c208f15ea86f5412708f15920dc5f2bc69fcf68f76a3242ff8a96bacbe51d0a0b0e1f78beaf9d"
}