Abstract
In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. This allows an attacker to mount a malleability attack in which it intercepts, modifies, and rebroadcasts a transaction, causing the transaction issuer to believe that the original transaction was not confirmed. In February 2014 MtGox, once the largest Bitcoin exchange, closed and filed for bankruptcy claiming that attackers used malleability attacks to drain its accounts. In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.
Chapter PDF
Similar content being viewed by others
References
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, https://bitcoin.org/bitcoin.pdf (Online; accessed March 26, 2014)
Wuille, P.: BIP 0062: Dealing with Malleability (2014), https://github.com/bitcoin/bips (Online; accessed March 10, 2014)
Bamert, T., Decker, C., Elsen, L., Welten, S., Wattenhofer, R.: Have a snack, pay with bitcoin. In: IEEE Internation Conference on Peer-to-Peer Computing (P2P), Trento, Italy (2013)
Decker, C., Wattenhofer, R.: Information propagation in the bitcoin network. In: IEEE International Conference on Peer-to-Peer Computing (P2P), Trento, Italy (September 2013)
Karame, G., Androulaki, E., Capkun, S.: Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin. In: Proc. of Conference on Computer and Communication Security (2012)
MtGox: Mtgox press release announcing the stop of withdrawals (2014), https://www.mtgox.com/press_release_20140210.html (Online; accessed February 10, 2014)
MtGox: Mtgox press release about transaction malleability (2014), https://www.mtgox.com/press_release_20140210.html (Online; accessed February 10, 2014)
MtGox: Announcement regarding an application for commencement of a prodedure of civil rehabilitation, https://www.mtgox.com/img/pdf/20140228-announcement_eng.pdf (Online; accessed March 19)
MtGox: Announcement regarding the applicability of us bankruptcy code chapter 15, https://www.mtgox.com/img/pdf/20140314-announcement_chapter15.pdf (Online; accessed March 19)
Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: Fair two-party computations via the bitcoin deposits. Technical report, Cryptology ePrint Archive (2013)
Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: How to deal with malleability of bitcoin transactions. arXiv preprint arXiv:1312.3230 (2013)
Back, A., Bentov, I.: Note on fair coin toss via bitcoin. arXiv preprint arXiv:1402.3698 (2014)
Rosenfeld, M.: Analysis of hashrate-based double spending (2012), https://bitcoil.co.il/Doublespend.pdf (Online; accessed February 17, 2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Decker, C., Wattenhofer, R. (2014). Bitcoin Transaction Malleability and MtGox. In: Kutyłowski, M., Vaidya, J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham. https://doi.org/10.1007/978-3-319-11212-1_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-11212-1_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11211-4
Online ISBN: 978-3-319-11212-1
eBook Packages: Computer ScienceComputer Science (R0)