Forgot your password?
typodupeerror
Bitcoin Math

MtGox's "Transaction Malleability" Claim Dismissed By Researchers 92

Posted by Unknown Lamer
from the did-you-check-the-couch-cushions? dept.
Martin S. (98249) writes "The Register reports on a paper at the arXiv (abstract below) by Christian Decker and Roger Wattenhofer analyzing a year's worth of Bitcoin activity to reach the conclusion that MtGox's claims of losing their bitcoins because of the transaction malleability bug are untrue. The Abstract claims: 'In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. ... In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.'" Quoting El Reg: "By extracting transaction keys from the transaction set, the researchers say, they were able to identify more than 35,000 transaction conflicts and more than 29,000 “confirmed attacks” covering more than 300,000 Bitcoins." And less than 6000 were actually successful.
This discussion has been archived. No new comments can be posted.

MtGox's "Transaction Malleability" Claim Dismissed By Researchers

Comments Filter:
  • Flawed assumption (Score:1, Interesting)

    by 0dugo0 (735093) on Wednesday April 09, 2014 @10:29AM (#46704529)

    They wrongly assume that they were able to capture all MtGox transaction attempts. Many were posted on their API that were never broadcasted over the network because they were broken / invalid. That didn't stop people from fixing and / or malleating (sp?) them.

  • Dear slashdot, (Score:5, Interesting)

    by Orgasmatron (8103) on Wednesday April 09, 2014 @11:17AM (#46704951)
    This paper has already been widely dismissed by the bitcoin community. Not that we necessarily think that Mtgox was actually hit by a malleability attack. Just that this paper is nonsense.

    The very short version is that what these "researchers" were looking at isn't actually how the alleged bug would have worked.
  • by jythie (914043) on Wednesday April 09, 2014 @11:41AM (#46705171)
    Yeah, but it is still kinda cool to see people dissect exactly how it happens or how claims are untrue. Suspecting and knowing are two very different things.
  • Re:Dear slashdot, (Score:5, Interesting)

    by kasperd (592156) on Wednesday April 09, 2014 @11:53AM (#46705295) Homepage Journal

    Just that this paper is nonsense.

    Care to answer a few questions then?

    • How did the transactions found by these researches happen, if not by a malleability attack?
    • If a malleability attack would not result in transactions looking like what was found by these researchers, then what would it look like?
    • What is the explanation for the spike found just after the announcement, if that was not due to copy-cats attempting malleability attacks?

Opportunities are usually disguised as hard work, so most people don't recognize them.

Working...