Bitcoin Transaction Malleability and MtGox

  • Christian Decker
  • Roger Wattenhofer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)

Abstract

In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. This allows an attacker to mount a malleability attack in which it intercepts, modifies, and rebroadcasts a transaction, causing the transaction issuer to believe that the original transaction was not confirmed. In February 2014 MtGox, once the largest Bitcoin exchange, closed and filed for bankruptcy claiming that attackers used malleability attacks to drain its accounts. In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.

Keywords

Bitcoin Transaction Signature Malleability MtGox Theft 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, https://bitcoin.org/bitcoin.pdf (Online; accessed March 26, 2014)
  2. 2.
    Wuille, P.: BIP 0062: Dealing with Malleability (2014), https://github.com/bitcoin/bips (Online; accessed March 10, 2014)
  3. 3.
    Bamert, T., Decker, C., Elsen, L., Welten, S., Wattenhofer, R.: Have a snack, pay with bitcoin. In: IEEE Internation Conference on Peer-to-Peer Computing (P2P), Trento, Italy (2013)Google Scholar
  4. 4.
    Decker, C., Wattenhofer, R.: Information propagation in the bitcoin network. In: IEEE International Conference on Peer-to-Peer Computing (P2P), Trento, Italy (September 2013)Google Scholar
  5. 5.
    Karame, G., Androulaki, E., Capkun, S.: Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin. In: Proc. of Conference on Computer and Communication Security (2012)Google Scholar
  6. 6.
    MtGox: Mtgox press release announcing the stop of withdrawals (2014), https://www.mtgox.com/press_release_20140210.html (Online; accessed February 10, 2014)
  7. 7.
    MtGox: Mtgox press release about transaction malleability (2014), https://www.mtgox.com/press_release_20140210.html (Online; accessed February 10, 2014)
  8. 8.
    MtGox: Announcement regarding an application for commencement of a prodedure of civil rehabilitation, https://www.mtgox.com/img/pdf/20140228-announcement_eng.pdf (Online; accessed March 19)
  9. 9.
    MtGox: Announcement regarding the applicability of us bankruptcy code chapter 15, https://www.mtgox.com/img/pdf/20140314-announcement_chapter15.pdf (Online; accessed March 19)
  10. 10.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: Fair two-party computations via the bitcoin deposits. Technical report, Cryptology ePrint Archive (2013)Google Scholar
  11. 11.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: How to deal with malleability of bitcoin transactions. arXiv preprint arXiv:1312.3230 (2013)Google Scholar
  12. 12.
    Back, A., Bentov, I.: Note on fair coin toss via bitcoin. arXiv preprint arXiv:1402.3698 (2014)Google Scholar
  13. 13.
    Rosenfeld, M.: Analysis of hashrate-based double spending (2012), https://bitcoil.co.il/Doublespend.pdf (Online; accessed February 17, 2014)

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Christian Decker
    • 1
  • Roger Wattenhofer
    • 1
  1. 1.ETH ZurichSwitzerland

Personalised recommendations