Dear Blockchain Users:

Recent problems at the Mt.Gox bitcoin exchange appear to be the result of an implementation flaw related to a known bitcoin technical issue. The issue is that of “Transaction Malleability”, a problem in certain implementations that allows an attacker to modify a transaction in such a way as to make the same transaction  appear under a different transaction ID (Tx Hash), without changing any of the internal information (sender, recipient, value etc). This issue first became known in 2011 and it does not affect correctly implemented bitcoin clients, such as the reference client (bitcoind/bitcoin-qt).

The well-known and documented issue of “Transaction Malleability” makes it dangerous for bitcoin wallets and bitcoin exchanges to rely on the transaction hash as an authoritative proof, or “receipt” for a transaction. Instead, best practices dictate that implementations of bitcoin verify transactions by checking whether their inputs have been spent by any transactions included in a mined block, rather than relying on the presence (or absence) of the transaction hash in the blockchain.

Blockchain.info’s implementation follows best practices in this respect and does not rely on the transaction hash as verification of spent funds. Instead, if multiple conflicting versions of a transaction against spent inputs are seen on the network, both transactions are highlighted whenever they appear as a “double-spend”, until one of the transactions is confirmed, making the second disappear.

In Blockchain’s wallet implementation, each user of our service controls their own private keys and we don’t maintain internal “account balances” making it impossible to corrupt our internal accounting system in the same way that has affected Mt.Gox. Blockchain wallet users are unaffected by this known implementation issue.

Bitcoin users should not rely on the presence or absence of a transaction hash (aka ID) as confirmation of payment. Before re-sending a transaction that appears unsuccessful, they should check the wallet balance to ensure that the transaction was not submitted under a different ID. The definitive proof of success or failure of a transaction is the address balance (unspent outputs) as calculated after several confirmations. In other words, trust your balance as confirmed by the blockchain consensus, not the transaction ID.

Contrary to many news headlines that describe Transaction Malleability as a “bug” affecting bitcoin and other crypto-currencies, it is not. It is an example of the need to implement transaction verification in the industry-standard way rather than with implementation shortcuts that rely on known-unsafe methodologies. Again, Blockchain.info wallet users are unaffected.

Andreas M. Antonopoulos
Chief Security Officer
Blockchain

60 Comments

    1. Call me at cellphone no.639277326589 gcash globe money transfer for fund from your corporate world…website.www.cadinoworldwides.zendesk.desk.com
      Thank very much ,
      Sergio C. Adino
      Updating my website CEO – Co- founder
      Manager Funder

      1. Yes..thank very much,from zendesk data systems ,being a great opportunities..
        For in the behath of team net work management staff, Again thank very much,
        To each of you staff and manage event
        Thank
        Sergio C. Adino
        CEO-CO-Founder.FUNDER management STAFF

  1. Well said – thanks for taking the time to speak out about this.

  2. Well done! Thanks to a real chief security officer!

  3. Hooray for Blockchain, the prefered wallet for the criminal underworld!

  4. Personally, i liked more your response on twitter *giggle*

  5. Once again – what does it mean to regular Gox user? 🙂

  6. “This issue first became known in 2011 and it does not affect correctly implemented bitcoin clients, such as the reference client (bitcoind/bitcoin-qt)”

    I had a problem with QT version 0.8.5 – a mirror double spend appears in the network just after the original tx.

    More info here:
    https://bitcointalk.org/index.php?topic=457546.0

  7. Hello: i don’t know if you can help me. Last monday, 03/02/2014, somebody stoled me more than 4000€ from my mtgox account when i was working.
    I don’t know if somebody hacked my ipad or it’s a mtgox problem.
    Thanks

  8. I’m glad for your explanation Andreas ! Gox’s problem then and not a bug into the whole bitcoin network. ok then…

  9. Yeah, but your Wallet API returns a TXN Hash as an immediate response for any outgoing payment, which if I’m not mistaken is indeed vulnerable to the maleability issue. So your casual users can’t be scammed, but you are not really doing anything to protect your advanced users.
    That isn’t really your fault, I mean, it’s the protocol’s, and you offer an amazing service, but maybe you should put a warning in the doc page for those programmers that, like me, were relying on the TXN Hash being unique and unalterable:
    https://blockchain.info/en/api/blockchain_wallet_api

  10. Πως μετά από τόσο καιρό πρόεκυψε τώρα αυτό το θέμα?
    Πολλά παιχνίδια παίζονται ………

  11. Reblogged this on luvsiesous and commented:
    I have to admit, this is funny to me.

    How has a currency that was worth nothing become worth more than gold?

    Worth more than copper, I could understand, but gold?

    What is the value added by bitcoin?

    Wayne
    Luvsiesous.com

    1. Haha, good morning, Wayne! 🙂 I would suggest you to watch some of Andreas videos (just youtube ‘andreas bitcoin’) in order to understand what is all the fuzz about 🙂

      1. Edvardas,

        I understand the fuzz about, anytime something is worth more than gold, it attracts attention!

        🙂

        I want to know when the next spike will be, and the next crash?

        I will even share with everyone else.

        Wayne

    2. Wayne:

      when you say things like “I want to know when the next spike will be, and the next crash?”
      … You have no business being in Bitcoin… sorry…

      1. That is too hilarious.

        Bitcoin has always been irrational exuberance and profit taking ….

        Will you eliminate all the other irrational buyers and profit taking sellers?

        Wayne
        Luvsiesous.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.