On Wednesday, August 22, 2012 2:25:20 AM Forrest Voight wrote: > An unpatched Bitcoin installation can be permanently wedged at its > current highest block using this and the fact that Bitcoin caches > orphan blocks in a disk-backed database. To do so, the attacker must > send it a valid block (that will eventually make it into the > blockchain) made invalid by duplicating one of the transactions in a > way that preserves the Merkle root. The attacker doesn't even need to > mine their own block - instead, they can listen for a block, then > mutate it in this way, and pass it on to their peers.
>From the mining perspective, the unpatched install might not be simply wedged: it will also follow a competing smaller blockchain. An attacker could have used this exploit against a number of large miners (say about 40% or so) and exchanges to pull off any number of double-spend attacks until the miners noticed they had been forked and fixed their bitcoind. That is, the attacker could easily hijack as much of the miners has he wanted for his own purposes including phony 6+ confirmation transactions. On a more subtle level, the attacker could target certain blocks they wanted orphans by performing this attack on a majority of miners with the "tip" block he wanted orphaned. This vulnerability is also the reason why Eloipool (the software behind Eligius, EclipseMC, TripleMining, and other pools) has attempted to produce blocks with only transaction counts that are powers of two; such blocks cannot be used for an attack even against vulnerable clients. Luke ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development