📅 Original date posted:2015-12-20 📝 Original message:Jonathan Toomim via ...

Rusty Russell [ARCHIVE] /

npub1zw7…khpx

2023-06-07 17:46:48

in reply to nevent1q…rc32

📅 Original date posted:2015-12-20
📝 Original message:Jonathan Toomim via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
writes:
> On Dec 18, 2015, at 10:30 AM, Pieter Wuille via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
>
>> 1) The risk of an old full node wallet accepting a transaction that is
>> invalid to the new rules.
>>
>> The receiver wallet chooses what address/script to accept coins on.
>> They'll upgrade to the new softfork rules before creating an address
>> that depends on the softfork's features.
>>
>> So, not a problem.
>
>
> Mallory wants to defraud Bob with a 1 BTC payment for some beer. Bob
> runs the old rules. Bob creates a p2pkh address for Mallory to
> use. Mallory takes 1 BTC, and creates an invalid SegWit transaction
> that Bob cannot properly validate and that pays into one of Mallory's
> wallets. Mallory then immediately spends the unconfirmed transaction
> into Bob's address. Bob sees what appears to be a valid transaction
> chain which is not actually valid.

Pretty sure Bob's wallet will be looking for "OP_DUP OP_HASH160
<pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG" scriptSig. The SegWit-usable
outputs will (have to) look different, won't they?

Cheers,
Rusty.

Author Public Key

npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpx

Show more details

Published at

2023-06-07 17:46:48

Kind type

1 Short Text Note

Event JSON

{ "id": "a5b27efaa620a95544c049ee4fee7991ece5d366ca9ee7be39318de7f1b234e5", "pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425", "created_at": 1686160008, "kind": 1, "tags": [ [ "e", "98cf2e35838fa134ae6f1ae02856ea7c4d6d5aae2f9a5a6272379073f8e32519", "", "root" ], [ "e", "51fcb9da1a35b9df71e4b9917341997faec110652b336eaacc01c59d9c08d69c", "", "reply" ], [ "p", "f9ca566c8a15d0510cba9326659e9d235ad5681c8eb6f5594af50b92b640fb66" ] ], "content": "📅 Original date posted:2015-12-20\n📝 Original message:Jonathan Toomim via bitcoin-dev \u003cbitcoin-dev at lists.linuxfoundation.org\u003e\nwrites:\n\u003e On Dec 18, 2015, at 10:30 AM, Pieter Wuille via bitcoin-dev \u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003e\n\u003e\u003e 1) The risk of an old full node wallet accepting a transaction that is\n\u003e\u003e invalid to the new rules.\n\u003e\u003e \n\u003e\u003e The receiver wallet chooses what address/script to accept coins on.\n\u003e\u003e They'll upgrade to the new softfork rules before creating an address\n\u003e\u003e that depends on the softfork's features.\n\u003e\u003e \n\u003e\u003e So, not a problem.\n\u003e\n\u003e\n\u003e Mallory wants to defraud Bob with a 1 BTC payment for some beer. Bob\n\u003e runs the old rules. Bob creates a p2pkh address for Mallory to\n\u003e use. Mallory takes 1 BTC, and creates an invalid SegWit transaction\n\u003e that Bob cannot properly validate and that pays into one of Mallory's\n\u003e wallets. Mallory then immediately spends the unconfirmed transaction\n\u003e into Bob's address. Bob sees what appears to be a valid transaction\n\u003e chain which is not actually valid.\n\nPretty sure Bob's wallet will be looking for \"OP_DUP OP_HASH160\n\u003cpubKeyHash\u003e OP_EQUALVERIFY OP_CHECKSIG\" scriptSig. The SegWit-usable\noutputs will (have to) look different, won't they?\n\nCheers,\nRusty.", "sig": "77d4bfb1d1a6b0c6f54a9e11360a49f604d743c3359f73d7effc6c1e0c2cd629da01d754959f4c241d5666afd5056a16f6cdee51cdc172629a27c13e664d2a26" }