from the double-double-toil-and-trouble;-fire-burn-and-caldron-bubble dept.
Summary
Your bitcoins are safe if you received them in transactions confirmed before 2015-07-04 15:00 UTC.
However, there has been a problem with a planned upgrade. For bitcoins received later than the time above, confirmation scores are significantly less reliable then they usually are for users of certain software:
- Lightweight (SPV) wallet users should wait an additional 30 confirmations more than you would normally wait.
- Bitcoin Core 0.9.4 or earlier users should wait an additional 30 confirmations more than you would normally wait or upgrade to Bitcoin Core 0.10.2.
- Web wallet users should wait an additional 30 confirmations more than you would normally wait, unless you know for sure that your wallet is secured by Bitcoin Core 0.9.5 or later.
- Bitcoin Core 0.9.5 or later users are unaffected. (Note: upgrade to 0.10.2 is recommended due to denial-of-service vulnerabilities unrelated to this alert.)
[More after the break.]
The incident status page describes the cause of the problem:
For several months, an increasing amount of mining hash rate has been signaling its intent to begin enforcing BIP66 strict DER signatures. As part of the BIP66 rules, once 950 of the last 1,000 blocks were version 3 (v3) blocks, all upgraded miners would reject version 2 (v2) blocks.
Early morning UTC on 4 July 2015, the 950/1000 (95%) threshold was reached. Shortly thereafter, a small miner (part of the non-upgraded 5%) mined an invalid block--as was an expected occurrence. Unfortunately, it turned out that roughly half the network hash rate was mining without fully validating blocks (called SPV mining), and built new blocks on top of that invalid block.
It further describes the impact of this on Bitcoin users:
All software that assumes blocks are valid (because invalid blocks cost miners money) is at risk of showing transactions as confirmed when they really aren't. This particularly affects lightweight (SPV) wallets and software such as old versions of Bitcoin Core which have been downgraded to SPV-level security by the new BIP66 consensus rules
There has already been lost revenue as a result of this incident, with the status page stating "several large miners have lost over $50,000 dollars worth of mining income so far." The status page will be updated as this situation unfolds. There is currently a big red warning message at the top of their status page that prominently states: "many wallets currently vulnerable to double-spending of confirmed transactions."
[Update: corrected links to 0.10.2 - Ed.]
Original Submission
(Score: 0, Insightful) by Anonymous Coward on Sunday July 05 2015, @06:25AM
...is vulnerable after all.
surprise fucking surprise
if it aint backed by a commodity like gold or silver, in the long run it aint worth the paper its printed on
(Score: 4, Informative) by The Mighty Buzzard on Sunday July 05 2015, @02:16PM
Backed commodities have exactly the same intrinsic worth that unbacked commodities have: zero. All value is ultimately determined by what someone will give you in return for your currency of choice. Even gold/Silver/etc... are only worth anything because people believe they are.
My rights don't end where your fear begins.
(Score: -1, Redundant) by Anonymous Coward on Sunday July 05 2015, @06:27AM
But I was promised getting rich quick! How the fuck could this happen?! What do you mean fake money is fake?!! wHAT THE FUCK!?
(Score: -1, Flamebait) by Anonymous Coward on Sunday July 05 2015, @06:39AM
If you thought you'd be smart and go to College instead of joining up to fight in Obama's Wars, and now you can't find work because every employer sees you as a traitor for choosing not to volunteer to fight in Obama's Wars, and you thought you could make a living by mining Bitcoin instead, well you're totally fucked now. You should have volunteered to fight in Obama's Wars, loser!
(Score: 2, Informative) by wirelessduck on Sunday July 05 2015, @06:56AM
The Bitcoin 0.10.2 download link is pointing to https://soylentnews.org/en/download [soylentnews.org]
(Score: 3, Informative) by martyb on Sunday July 05 2015, @10:28AM
Thanks for pointing that out; I've updated the story and you should see the correction appear shortly.
I'm curious how that could have happened, though. I went to the linked status page, highlighted the text you see here, did a 'view source', copied their source HTML, and pasted it into the story here! It seemed to be the fastest way to get the text AND the links brought over to the story.
Aha! Their page used an absolute link address, but omitted the domain name from the url. That *is* a valid construct (we use it often here on this site) but I'd not thought of it when I copied things over. Mea culpa -- I'll keep my eyes peeled for this kind of issue in the future.
Details. Their page links were of the form:
and for the link to work here, it needed to be changed to:
Thanks again for kindly pointing out the mistake.
Wit is intellect, dancing.
(Score: 2) by No Respect on Sunday July 05 2015, @08:39AM
"an increasing amount of mining hash rate has been signaling its intent to begin enforcing BIP66 strict DER signatures"
I need that translated into clear English. So an increasing rate has been signaling? OK. It's gobbeldygook, but whatever. And the increasing rate has been signaling its intent to enforce something. That's meaningless, too. The thing that's going to be enforced, BIP66 strict DER signatures, is the only comprehensible part of the sentence.
Maybe it's just me, but before I take Bitcoin seriously I expect them to be able to issue coherent public statements in English. This situation sounds like it might be at least somewhat serious, but I can't even understand what the fuck they're talking about.
(Score: 5, Informative) by cosurgi on Sunday July 05 2015, @09:07AM
You just don't know how the protocol works:
"an increasing amount of mining hash rate"
It means that more and more miners (and their hash rate, where hash rate is their computation speed, in range of petaflops, or whatever)
"has been signaling"
were calculating blocks with version 3 instead of older blocks with protocol version 2
"its intent to begin enforcing BIP66 strict DER signatures"
where the BIP66 (a new feature in the protocol) is part of block version 3.
In the algorithm it is hardcoded that when 950 of last 1000 blocks are of version 3, then blocks with version 2 should be rejected. This thing happened, and suddenly the very minority of miners who were still generating blocks of version 2 had their blocks rejected by the rest of the network. Those miners were too lazy to upgrade their software. Now they have lost 50000USD. Maybe that will teach them something.
#
#\ @ ? [adom.de] Colonize Mars [kozicki.pl]
#
(Score: 4, Informative) by Anonymous Coward on Sunday July 05 2015, @01:43PM
That's how it was supposed to be. The problem is that a large percentage of the miners who generate v3 blocks don't actually enforce the v2 rejection, so the 95% v3 creation threshold was reached, but much more than 5% of the miners still accept v2 blocks. That leads to more and longer than expected blockchain fragments being created which have invalid blocks in them. Eventually these chains are rejected, but it can take a while due to the large number of miners that don't follow the protocol, hence the recommendation to wait for more confirmations. If you see a transaction on an invalid blockchain and your client does not itself reject the chain, then you might be inclined to trust that it actually happened. The transaction can then be "repeated" (actually performed) on a/the valid blockchain. This creates an opportunity for double spending.
Blockchain splits happen all the time as a normal effect of the distributed race to solve the next block. That's why you need to wait for several confirmations (i.e. until your transaction has enough computations piled on top of it) to be reasonably sure that you're on the right chain. Due to a large scale implementation weakness, the amount of computation needed to be sure that you're on the right chain is currently larger than normal, if you're using a client which doesn't strictly verify the blockchain.
(Score: 2) by cosurgi on Monday July 06 2015, @08:43AM
Thanks, I didn't know this part.
#
#\ @ ? [adom.de] Colonize Mars [kozicki.pl]
#
(Score: 2) by FatPhil on Monday July 06 2015, @11:49AM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2, Troll) by Justin Case on Sunday July 05 2015, @11:12AM
Quick, everybody install the fix (is in) from nsa.gov/botcoin
If you don't read the source, you're giving control to whoever wrote the software. If you do read the source, you're probably still giving control to whoever wrote the software, because computers aren't simple anymore.
Giving control to strangers is usually OK... as long as your computer doesn't have money on it or anything else you care to keep secret.
(Score: 0) by Anonymous Coward on Sunday July 05 2015, @01:14PM
Giving control to strangers is usually OK
But not absolute control, as is the case with proprietary software. Furthermore, with proprietary software, you can't pick who you trust to deliver, inspect, and modify that software.
(Score: 2, Offtopic) by Justin Case on Sunday July 05 2015, @11:17AM
Whenever I see "More after the break" or "More below the fold" I figure I'm dealing with someone whose brain never escaped from newsprint. Either that, or they believe everyone else has their computer.
There is no "break" or "fold" except for the message telling me there's more after the message telling me there's more. But I know that already. I have a scroll bar. Or in my case, I have a monitor larger than a deck of playing cards.
(Score: 2, Informative) by rigrig on Sunday July 05 2015, @11:29AM
There is no "break" or "fold"
Only the bit above [More after the break.] shows up on the front page and in the RSS feed.
No one remembers the singer.
(Score: 2) by Justin Case on Sunday July 05 2015, @11:55AM
Interesting hypothesis, thank you.
However the RSS feed I'm getting has the whole summary... curiously minus the self-referencing "break" message. I checked view-source of the RSS message and nope, it isn't even hidden.
That leaves the front page as a valid use case. So maybe the "more" message should be in the front page software, not the article text which as we now see, goes several places?
(Score: 3, Informative) by martyb on Sunday July 05 2015, @01:11PM
Yes, as you surmised this is an artifact of the UI and our best current efforts at a workaround. When editing a story, there are two places in which the story text can be placed: "Intro Copy" and "Extended Copy."
When you load the main page of the site https://soylentnews.org/ [soylentnews.org], only the text which is in the "Intro Copy" area is displayed. One needs to click on one of the links below the story (e.g. the "Read More..." button or the "n Comments" link) in order to see the text in the "Extended Copy" part of the story.
If one does not notice the additional link below the story (in this case it reads "441 words in story"), then one could get the mistaken assumption that there is nothing more to the story. Though redundant in some cases, we have chosen to include some text along the lines of "[More after the break...]" to make this abundantly clear. The motivation is that we had several cases where discussions went sideways with hypotheses that were already answered in the "Extended Copy" text! This part of the UI admittedly requires some work. I have some ideas, but need to put it into writing and submit it to the devs.
By the way, there is another place where the "Extended Copy" does not appear -- in the e-mails sent out with the day's stories. Registered users can request this e-mail in your preferences.
Lastly, if you are aware of any other places in the UI where this might be an issue, I would very much appreciate your replying to this comment with that info so I can include it in the rework.
Wit is intellect, dancing.
(Score: 2) by ticho on Sunday July 05 2015, @02:37PM
It's simple - get rid of the concept of two copies entirely. It is useless, as GP has mentioned.
(Score: 2) by martyb on Wednesday July 08 2015, @12:19PM
Useless? Imagine these stories appearing on the main page, in their entirety:
Some people may not find those stories interesting. Imagine that you need to scroll through those walls of text in order to get to the next story. Also consider that not everyone is viewing this site on a desktop monitor or large tablet; I know of at least one person who regularly reads the site using the 320x240 display on their mobile phone.
I see the ability to present a portion of the story, and provide access to the rest of the story as a desirable feature for the site. As for the implementation? I'm with others on that one in that it could use some work.
Wit is intellect, dancing.
(Score: 5, Insightful) by zafiro17 on Sunday July 05 2015, @01:33PM
I fully expect to be modded into oblivion for this, but I'm a skeptic where it comes to bitcoin. I fully appreciate the desire to do away with nation states and their financial apparatus and usher in a new, nerd-revolution with its currency. But I am still not convinced it's not just a huge ponzi scheme.
That's too extreme a statement. What I mean is, Bitcoin is sure to have vulnerabilities and problems and flaws - this is clearly one of them - and I remain attentive, thinking it will some day collapse, taking with it a lot of nerd hopes and a fair chunk of their money.
Moderators - do your worst.
Dad always thought laughter was the best medicine, which I guess is why several of us died of tuberculosis - Jack Handey
(Score: 0) by Anonymous Coward on Sunday July 05 2015, @05:38PM
no sir, it will not run the future economy.
but at the moment it IS the hit article in toys'r'us.