Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: MtGox blames Bitcoin protocol problem for BTC withdrawal issue
by
mb300sd
on 11/02/2014, 02:24:59 UTC
Quote from: phzi on February 11, 2014, 02:05:45 AM
Quote from: mb300sd on February 11, 2014, 01:55:32 AM
Quote from: phzi on February 11, 2014, 01:46:44 AM
Quote from: mb300sd on February 11, 2014, 01:24:52 AM
I proposed a new txid type this morning that would contain only prevout,vout and address,amount pairs. It would only need to be used internally by companies vulnerable to this type of attack and doesn't require 99% of bitcoin users to change a thing. When creating a withdrawal, log the new id and do your lookups based on it when users complain.
The txid you propose could collide, should a spend be made from the same address to the same address in the same amount (a certainly foreseeable circumstance). Non-reuse of addresses after spending from them is simpler, requires no protocol change, and seems to be as Shatoshi himself suggested using the bitcoin protocol.

It cannot collide because inputs (prevout,vout) can only be spent once. Only malleable transactions collide with each other, which is the goal.
Ah yes, using the actual txouts, sure.  Still, maintaining this extra database is unneccesary.  The BTC protocol already provides the means to do with without extra data.  MtGox has also acknowledged your suggested technique as a possibility, and is trying to avoid that overhead.

1 more column in a table and a couple extra lines of code is overhead? Instead they cause a massive crash by blaming it on the bitcoin protocol.

But knowing gox they would have implemented it wrong on their production server and screwed things up worse.