Timelocked error in bitcoin contracts could spur miners to steal from each other
A widespread mistake has compromised a special type of bitcoin transaction that is supposed to discourage miners from cheating, according to new research.
In a report released in late April, the engineer under the pseudonym 0xb10c found that the network was not accurately applying more than a million of these “blocked”, “timelocked” transactions between September 2019 and March 2020. This increases the risk of a hypothetical form of attack in which miners could essentially steal bitcoin from other miners. The error affects 10% of transactions blocked by time, or 2% of bitcoin transactions in general.
The findings highlight a key area of bitcoin research that aims to prevent miners from becoming too powerful or cheating in various ways to make the world’s largest cryptocurrency, with a market capitalization of around $ 173 billion. , work as designed. 0xb10c is a part of a global network of developers and researchers conducting network battle trials, to protect themselves even from theoretical attacks that have so far not been a big problem.
A time locked or timelocked transaction prevents the bitcoin recipient from accessing it immediately. Instead, the person must wait until the network has added a certain number of blocks to the ledger. Since each new block takes about 10 minutes to record, a time lock can be scheduled to expire at an approximate point in the future by setting a corresponding block height.
For example, a use case for this feature is as a form of award: The Blockstream startup has paid its employees in blocked bitcoins, which theoretically gives them an incentive to do their best and is to raise the value to long-term network.
But the faulty time locks detected by 0xb10c had a more immediate purpose. Established for the current block (so they are not valid until a later block) they are designed to make “a potentially disruptive mining strategy, called sniper, less profitable,” said 0xb10c.
With the payment of fees, a malicious miner tries to replace a block that someone else has just mined with his, including the same transactions and potentially with other transactions that are still pending. The time lock prevents them from including the latter, limiting the spoils of the attack, so it’s not worth the hassle.
A long-term risk
The likelihood of such an attack could increase as transaction fees, which users pay to prioritize their payments, become a more important source of income for miners. Right now, miners mainly rely on block rewards for freshly minted bitcoins to cover their costs. But this revenue stream decreases over time, as the recent halving of the Bitcoin network shows.
“Currently, not imposing a time lock or timelock at an absolute block height has no consequences for most transactions. In a few years, when the block reward mainly consists of transaction fees, it could make paying fees more profitable, ”0xb10c told CoinDesk.
Therefore, the error could be detrimental to the overall network. But right now, it will most likely be a “low priority” issue that is fixed for most wallet services because it does not result in users losing money or affecting timelock time blocks set in the future. 0xb10c said.
Also, the error is a privacy leak for users. The oddly shaped time lock is different from all the other time locks on the network, making it easy for blockchain voyeurs to see that the transaction is coming from a particular wallet.
Many of the faulty transactions detected by 0xb10c were made by a single large entity, which he did not mention. The engineer said he contacted the entity that produces the buggy software, which responded “professionally,” he said, and found a solution to the problem. However, the solution may take time to implement.
He also reported the following: “A solution to this was released in early 2020. However, it will be a while before all instances of the currently deployed software are updated.”
0xb10c hopes that their research will raise awareness of the risk of rate postage attacks so that wallets that have not properly configured time-blocked transactions can fix it, making the Bitcoin network a bit more robust.
The investigator was able to identify and contact the largest entity that produces these flipped transactions, but there are others that are making the same mistake.
“It is difficult to find the respective implementations that create these transactions,” said 0xb10c. “Some of them may not be open source, which makes it even more difficult.”
Disclaimer: This press release is for informational purposes information does not constitute investment advice or an offer to invest. The views expressed in this article are those of the author and do not necessarily represent the views of infocoin, and should not be attributed to, Infocoin.