mb300sd



Offline



Activity: 1260

Merit: 1000



Drunk Posts







LegendaryActivity: 1260Merit: 1000Drunk Posts Why have we not discouraged relaying of malleated transactions? February 11, 2014, 10:58:55 PM #1 It seems like the malleable transaction problem is caused only by the use of non-DER encoded signatures in the transaction. Can we discourage the relaying of these? If the standard client and all good implementations of the protocol are creating properly DER encoded signatures, it would be nice to have nodes prefer to relay the properly encoded signature if more than 1 is seen, as well as updating mempool so that the properly signed version is more likely to be mined.



I would make a pull request but ECDSA code tends to go over my head.



Someone tell me if I'm wrong...or if its already being discussed somewhere I'm not finding. Getting annoyed, impatient, and irritable as I watch my net worth decrease. 1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco

Remember that Bitcoin is still beta software. Don't put all of your money into BTC! dvertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here. dvertised sites arenot endorsed by the Bitcoin Forum. They may beunsafe, untrustworthy, or illegal in your jurisdiction.

ScripterRon



Offline



Activity: 136

Merit: 106







Full MemberActivity: 136Merit: 106 Re: Why have we not discouraged relaying of malleated transactions? February 11, 2014, 11:29:22 PM #2 The ones that I have seen are caused by modifying the first push-data opcode in the input script, changing it from a 1-byte push-data opcode to a 3-byte push-data opcode. Since the same amount of data is pushed on to the stack, the script is still valid. It just changes the transaction hash.



Pieter has listed several things that need to be done. Canonical push-data scripts are just one of them. Some of the changes will require changes to all clients in order to implement them (such as fixing malleable signatures).



That said, I did change my node to not relay transactions with non-canonical push-data opcodes. It seems to be rejecting just the bad transactions, so I'm guessing that existing clients are OK with this change.

mb300sd



Offline



Activity: 1260

Merit: 1000



Drunk Posts







LegendaryActivity: 1260Merit: 1000Drunk Posts Re: Why have we not discouraged relaying of malleated transactions? February 11, 2014, 11:36:17 PM #3 Quote from: ScripterRon on February 11, 2014, 11:29:22 PM The ones that I have seen are caused by modifying the first push-data opcode in the input script, changing it from a 1-byte push-data opcode to a 3-byte push-data opcode. Since the same amount of data is pushed on to the stack, the script is still valid. It just changes the transaction hash.



Pieter has listed several things that need to be done. Canonical push-data scripts are just one of them. Some of the changes will require changes to all clients in order to implement them (such as fixing malleable signatures).



That said, I did change my node to not relay transactions with non-canonical push-data opcodes. It seems to be rejecting just the bad transactions, so I'm guessing that existing clients are OK with this change.



I'd been under the impression that changing the opcodes would require the privkey.



Would you mind posting your patch? I'd like to update my nodes as well. Would like to think my ~500 connections are worth something. The less well connected nodes that relay these, the more likely that the non-modified tx makes it to miners first. I'd been under the impression that changing the opcodes would require the privkey.Would you mind posting your patch? I'd like to update my nodes as well. Would like to think my ~500 connections are worth something. The less well connected nodes that relay these, the more likely that the non-modified tx makes it to miners first. 1D7FJWRzeKa4SLmTznd3JpeNU13L1ErEco

gmaxwell

Legendary





Offline



Activity: 3178

Merit: 4298









ModeratorLegendaryActivity: 3178Merit: 4298 Re: Why have we not discouraged relaying of malleated transactions? February 12, 2014, 01:41:15 AM #4 We already block most forms which can be blocked, this was a change in bitcoin 0.8 (that was, in fact, causing withdraws delays for mtgox because they produced transactions with invalid encoding).



The recent flood of transactions use a pushdata change. A patch to block it was written in September 2013, but didn't make it into the codebase until today. If your node is running git bitcoin, just update and you'll have it.





CanaryInTheMine

Legendary



Offline



Activity: 2240

Merit: 1042





between a rock and a block!







DonatorLegendaryActivity: 2240Merit: 1042between a rock and a block! Re: Why have we not discouraged relaying of malleated transactions? February 12, 2014, 05:02:03 AM #7 maybe this is in the wrong thread, but i have a tiny node running at my house, bitcoin-qt (0.8.6) on windows 7 serves about 60 connections at any given time...

what can I do to change it/update it to help with this issue?