A recent incident on the Bitcointalk forum has highlighted a security vulnerability in Bitcoin transactions, specifically targeting the popular Bitcoin gambling site SatoshiDice. The attack involved an attempt to reverse an unconfirmed transaction, resulting in the attacker's original loss being erased.
The attacker's strategy was relatively straightforward. They initially placed a 0.25 BTC bet against SatoshiDice with no transaction fees, which they intentionally lost. Immediately after receiving the notification of their loss, they sent another 0.25 BTC transaction to themselves, this time with a transaction fee, aiming to encourage miners to prioritize the second transaction over the first. However, this initial strategy failed, forcing the attacker to adopt a new tactic.
To make the second attempt successful, the attacker deliberately made the transaction "spammy" by splitting the funds into twenty inputs of 0.01 BTC each. They then tried to overwrite the initial transaction with a 0.20 BTC transaction to themselves, offering a generous 0.004 BTC fee. This time, the mining pool BTC Guild confirmed the second transaction over the first, resulting in the attacker's original loss disappearing.
It is crucial to note that this incident does not undermine the overall security of Bitcoin as a whole, except for a limited number of applications. Bitcoin transactions have two confirmation stages: network propagation, which takes a few seconds, and block confirmation, which takes approximately ten minutes. Most Bitcoin-accepting businesses wait for one block confirmation before finalizing transactions, which protects them from such attacks.
For vendors selling physical goods and online services, fraudulent transactions can be easily canceled even hours after the original payment notification. In the case of consumable digital goods, providers typically take up to 30 minutes to deliver the goods, allowing time for confirmation or implementing patches to address the issue. The current practice of instant confirmations can still be maintained from the customer's perspective, providing reassurance that the transaction has successfully reached the merchant.
Digital download stores offering instant downloads are also safeguarded against significant monetary loss. Since digital goods have minimal marginal costs, attempts to force refunds through this technique are comparable to downloading them through torrent networks. The impact on honest customers and artists remains negligible.
To address this vulnerability, businesses can implement simple solutions such as waiting for one block confirmation before processing irreversible actions. Companies like SatoshiDice have already taken steps to address the issue by requiring transaction fees for incoming bets. Other measures include employing software solutions like ZipConf, which broadcasts the initial transaction quickly to the network, making subsequent conflicting transactions less likely to gain traction.
By cooperating with miners and Bitcoin developers,
businesses can introduce patches that prioritize older transactions over
conflicting ones, providing an added layer of defense. While this attack
presents a challenge, it is manageable with the community's concerted effort to
patch vulnerabilities and ensure the security of Bitcoin transactions.