Transaction malleability problem
The transaction malleability problem is a vulnerability in blockchain which can be exploited by altering a cryptographic hash, such as the digital signature used to identify a cryptocurrency transaction.[1][2] Transaction malleability is considered to be one of the largest ongoing threats to blockchain technology,[3] as it can compromise financial transactions such as Bitcoin and other cryptocurrency transactions, and cause other issues in the network.[4]
Discovery
The transaction malleability problem became known to the Bitcoin community in 2011.
In February 2014, Japanese Bitcoin exchange Mt. Gox revealed that they had been targeted by an exploit in Bitcoin protocol called "Transaction Malleability". At the time, Mt. Gox was the world's largest bitcoin exchange, handling approximately 70% of all bitcoin transactions. The company reportedly lost hundreds of millions of dollars worth of Bitcoin due to this bug.[5] After failing to attract enough investors to offset its losses, Mt. Gox suspended withdrawals, and closed its website.[6] The company soon filed for bankruptcy with CEO Mark Karpelès resigning.[7]
Shortly after Mt. Gox's announcement, it was revealed that Silk Road 2.0 had lost $2.7 million worth of Bitcoin due to an unknown hacker who exploited transaction malleability.[8]
A 2014 study published by Christian Decker and Roger Wattenhofer found that no major transaction malleability exploitations had occurred prior to the MT. Gox attack.[9]
Applications and threats
Transaction malleability can be used to alter the unique ID of a monetary transaction before it is confirmed.[10] For example, it is possible for a hacker to fool computer systems into erroneously sending multiple transactions by manipulating the TX ID of a bitcoin transaction.[11]
References
- ↑ Andrychowicz, Marcin; Dziembowski, Stefan; Malinowski, Daniel; Mazurek, Łukasz (2015). "On the Malleability of Bitcoin Transactions". in Brenner, Michael; Christin, Nicolas; Johnson, Benjamin et al. (in en). Financial Cryptography and Data Security. Lecture Notes in Computer Science. 8976. Berlin, Heidelberg: Springer. pp. 1–18. doi:10.1007/978-3-662-48051-9_1. ISBN 978-3-662-48051-9. https://link.springer.com/chapter/10.1007/978-3-662-48051-9_1.
- ↑ Rajput, Ubaidullah; Abbas, Fizza; Hussain, Rasheed; Eun, Hasoo; Oh, Heekuck (2015), "A Simple Yet Efficient Approach to Combat Transaction Malleability in Bitcoin", Information Security Applications, Lecture Notes in Computer Science (Cham: Springer International Publishing) 8909: pp. 27–37, doi:10.1007/978-3-319-15087-1_3, ISBN 978-3-319-15086-4, http://dx.doi.org/10.1007/978-3-319-15087-1_3, retrieved 2021-07-10
- ↑ Khan, Kashif Mehboob; Arshad, Junaid; Khan, Muhammad Mubashir (2021-01-01). "Empirical analysis of transaction malleability within blockchain-based e-Voting" (in en). Computers & Security 100: 102081. doi:10.1016/j.cose.2020.102081. ISSN 0167-4048. https://www.sciencedirect.com/science/article/pii/S0167404820303540.
- ↑ "What is Bitcoin Transaction Malleability & How Can It Affect Me?" (in en). 2020-07-27. https://paxful.com/blog/bitcoin-transaction-malleability-explained/.
- ↑ Rajput, Ubaidullah; Abbas, Fizza; Hussain, Rasheed; Eun, Hasoo; Oh, Heekuck (2015). "A Simple Yet Efficient Approach to Combat Transaction Malleability in Bitcoin". in Rhee, Kyung-Hyune; Yi, Jeong Hyun (in en). Information Security Applications. Lecture Notes in Computer Science. 8909. Cham: Springer International Publishing. pp. 27–37. doi:10.1007/978-3-319-15087-1_3. ISBN 978-3-319-15087-1. https://link.springer.com/chapter/10.1007/978-3-319-15087-1_3.
- ↑ "How a bug in bitcoin led to MtGox's collapse" (in en). 2014-02-27. http://www.theguardian.com/technology/2014/feb/27/how-does-a-bug-in-bitcoin-lead-to-mtgoxs-collapse.
- ↑ McLannahan, Ben (2014-02-28). "Bitcoin exchange Mt Gox files for bankruptcy protection". https://www.ft.com/content/6636e0e8-a06e-11e3-a72c-00144feab7de.
- ↑ "Silk Road 2 loses $2.7m in bitcoins in alleged hack" (in en-GB). BBC News. 2014-02-14. https://www.bbc.com/news/technology-26187725.
- ↑ Decker, Christian; Wattenhofer, Roger (2014). "Bitcoin Transaction Malleability and MtGox". in Kutyłowski, Mirosław; Vaidya, Jaideep (in en). Computer Security - ESORICS 2014. Lecture Notes in Computer Science. 8713. Cham: Springer International Publishing. pp. 313–326. doi:10.1007/978-3-319-11212-1_18. ISBN 978-3-319-11212-1. https://link.springer.com/chapter/10.1007/978-3-319-11212-1_18.
- ↑ "SegWit: not just a solution to transaction malleability problem" (in en-US). https://www.numbrs.com/tech/2021/05/03/segwit-not-only-a-solution-to-transaction-malleability-problem/.
- ↑ Garling, Caleb (2014-02-15). "Bitcoin's transaction malleability rattles system" (in en-US). https://www.sfgate.com/tech/article/Bitcoin-s-transaction-malleability-rattles-system-5236912.php.
Original source: https://en.wikipedia.org/wiki/Transaction malleability problem.
Read more |