Successful double spending of $ 10 thousand bitcoins

    As you know, a few days ago a failure occurred in the Bitcoin payment network with a split transaction chain. The failure occurred due to a completely minor error in the old version of Bitcoin 0.7 client software. This version is still used by many bitcoin miners who are simultaneously involved in transaction confirmation. Because of the bug, a parallel transaction chain was generated that Bitcoin 0.8 users generated.

    If you look at history not from a technical point of view, but from an economic and criminal one, then this little bug can be used to ... robbery of an exchange office! For several days, transactions were entered into two chains separately, that is, you can spend bitcoins first in one transaction chain, and then in another chain.

    Such a "robbery" or "fraud" is possible with minimal effort, because provoking a double chain of transactions was completely uncomplicated. Apparently, the most important vulnerability in the Bitcoin payment system was discovered: these are bugs in the software, that is, in Bitcoin clients.

    The robbery of an exchange office is not just a theoretical possibility. The day before yesterday, one of the users at the Bitcoin Forum told a real story about how he managed to successfully spend his coins twice (https://bitcointalk.org/index.php?topic=152348)

    Here is a brief chronology of events, the time is indicated for the UTC +8 time zone: 00.

    08:08 - Before the user found out about the bug, he transferred $ 10,000 bitcoins to the BTC-e exchanger through OKPAY, 211.9093 BTC with a commission of 0.0005 BTC was sent to 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE.

    09:30 - The transaction is included in the version 0.8 chain, block 225446.

    10:08 - Deposit made, $ 9800 transferred to BTC-e.

    12:53 - After examining the chain, the user found that the transaction was included in fork 0.8, but was not confirmed in fork 0.7, so he decided to experiment and sent the OKPAY command to execute the transaction through the API, the commission is 0.001 BTC.

    13:01 - The second transaction for the same bitcoins is included in fork 0.7, block 225446.
    As you know, it was fork 0.7 that later was decided to be made “real”, and 0.8 should be canceled.

    Thus, the user twice exchanged their bitcoins for dollars, using two chains of transactions from clients from the branches of Bitcoin 0.7 and Bitcoin 0.8. It is not surprising that with such bugs, the BTC market rate immediately fell by 25%. Who can guarantee that, due to a new bug in the program, the chain will not split again? And if so, how to guarantee the irreversibility of transactions while maintaining a high speed of payments?

    Also popular now: