Luke Dashjr [ARCHIVE] on Nostr: 📅 Original date posted:2016-09-23 📝 Original message:Joe sends Alice 5 BTC ...
📅 Original date posted:2016-09-23
📝 Original message:Joe sends Alice 5 BTC (UTXO 0).
Fred sends Alice 4 BTC (UTXO 1).
Alice sends Bob 4 BTC using UTXO 1 (creating UTXO 2).
Fred double-spends UTXO 1 with UTXO 1-B. This invalidates Alice's transfer to
Bob.
Alice has UTXO 0 which she can send to Bob (UTXO 3), but if she does so, it is
possible that UTXO 0 could be mined, and then both UTXO 2 and UTXO 3 which
would result in her giving Bob a total of 8 BTC rather than merely 4 BTC.
Even if Alice waits until Fred's UTXO 1-B confirms 10 blocks deep, it is not
impossible for a reorganization to reverse those 10 blocks and confirm UTXO 1
again.
Using OP_CHECKBLOCKATHEIGHT, however, Alice can create UTXO 3 such that it is
valid only in the blockchain where Fred's UTXO 1-B has confirmed. This way, if
that block is reorganized out, UTXO 3 is invalid, and either Bob receives only
the original UTXO 2, or Alice can create a UTXO 3-B which is valid in the
reorganized blockchain if it again confirms the UTXO 1-B double-spend.
Luke
On Friday, September 23, 2016 2:37:39 PM Tom via bitcoin-dev wrote:
> On Friday 23 Sep 2016 09:57:01 Luke Dashjr via bitcoin-dev wrote:
> > This BIP describes a new opcode (OP_CHECKBLOCKATHEIGHT) for the Bitcoin
> > scripting system to address reissuing bitcoin transactions when the coins
> > they spend have been conflicted/double-spent.
> >
> > https://github.com/luke-jr/bips/blob/bip-cbah/bip-cbah.mediawiki
>
> Can you walk us through a real live usecase which this solves? I read it
> and I think I understand it, but I can't see the attack every giving the
> attacker any benefit (or the attacked losing anything).
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
📝 Original message:Joe sends Alice 5 BTC (UTXO 0).
Fred sends Alice 4 BTC (UTXO 1).
Alice sends Bob 4 BTC using UTXO 1 (creating UTXO 2).
Fred double-spends UTXO 1 with UTXO 1-B. This invalidates Alice's transfer to
Bob.
Alice has UTXO 0 which she can send to Bob (UTXO 3), but if she does so, it is
possible that UTXO 0 could be mined, and then both UTXO 2 and UTXO 3 which
would result in her giving Bob a total of 8 BTC rather than merely 4 BTC.
Even if Alice waits until Fred's UTXO 1-B confirms 10 blocks deep, it is not
impossible for a reorganization to reverse those 10 blocks and confirm UTXO 1
again.
Using OP_CHECKBLOCKATHEIGHT, however, Alice can create UTXO 3 such that it is
valid only in the blockchain where Fred's UTXO 1-B has confirmed. This way, if
that block is reorganized out, UTXO 3 is invalid, and either Bob receives only
the original UTXO 2, or Alice can create a UTXO 3-B which is valid in the
reorganized blockchain if it again confirms the UTXO 1-B double-spend.
Luke
On Friday, September 23, 2016 2:37:39 PM Tom via bitcoin-dev wrote:
> On Friday 23 Sep 2016 09:57:01 Luke Dashjr via bitcoin-dev wrote:
> > This BIP describes a new opcode (OP_CHECKBLOCKATHEIGHT) for the Bitcoin
> > scripting system to address reissuing bitcoin transactions when the coins
> > they spend have been conflicted/double-spent.
> >
> > https://github.com/luke-jr/bips/blob/bip-cbah/bip-cbah.mediawiki
>
> Can you walk us through a real live usecase which this solves? I read it
> and I think I understand it, but I can't see the attack every giving the
> attacker any benefit (or the attacked losing anything).
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev