BITCOIN UNDER ATTACK

Updated: 10/06/2015 14:59
Reprints/Permissions  Hyip Monitor
bitcoin under attack
Bitcoin network is back under attack Coinkite has reported bitcoin malleability attack that requires users to be careful about zero confirmation receipts
Bitcoin network is back under attack Coinkite has reported bitcoin malleability attack that requires users to be careful about zero confirmation receipts

Coinkite, a bitcoin platform that transacts more than 400,000 BTC per month, has reported a bitcoin malleability attack that requires users to be careful about zero confirmation receipts since there are two versions of a transaction (low S high S). Coinkite is requiring one confirmation for deposits before it uses them in a new transaction.

Transactions have been modified and rebroadcast with new transaction numbers, indicating a malleability attack. The attacks have occurred over the last 24 to 48 hours. Almost all transactions on the network have suffered the attacks.

The company noted in a blog that the attacks do not put Coinkite’s customer funds at risk. The modification being made to the transactions is a simple numeric tweak to one number (S) in the ECDSA (Elliptical Curve Digital Signature Algorithm) signature, the blog notes. “It’s documented as part of BIP62 and is called the ‘low S’ requirement.” Coinkite always uses the lower S value, but the attackers have been replacing it with the higher S value.

The attackers change the transactions without any knowledge of the private keys involved. Users cannot trust bitcoin transaction numbers as much when this occurs. Once a transaction sends, the user must understand the transaction might get into the a block under a different hash.

Coinkite urges users to be more careful about action on zero confirmation receipts at the present time. It is not safe to build new transactions on top of the previous one until it confirms, since there are in effect two version of the transactions – the user’s and the high-S version – and the user cannot predict which will be mined. The problem even exists for transactions between trusted parties and between a user’s own accounts.

All deposits into Coinkite accounts must receive one confirmation before Coinkite uses them in a new transaction. See more news on CryptoCoinNews.com


About the author

Brett Sherpan has been working for seven years writing and editing for online and print media. He has held various editing and copywriting positions and can quickly and competently write copy for sales, marketing and editorial content. Brett is a consistently dependable team player, who thrives in a high-pressure environment, enjoying the challenges of meeting deadlines and am comfortable researching, writing and editing on a wide range of topics
You May Also Like