The Bitcoin Network Under Attack

The Bitcoin Network Under Attack

If you are involved in the Bitcoin ecosystem at all, in the last 72 hours you have been exposed to the phrase “transaction malleability.” It’s what Mt Gox blamed when it enacted a sudden and prolonged halting of all withdrawals, and it’s the vehicle for what has been called a “massive and concerted attack” on various bitcoin exchanges. Transaction malleability had also been a known characteristic of the Bitcoin protocol for a while, as pointed out by many in the community when Mt Gox cited it as a security liability. Despite all of this tumult within the Bitcoin community, exchange rates have not dropped more than 20% from where they were last week, and that is news on its own considering Bitcoin’s history.

Transaction Malleability

Transaction malleability is the ability for small transaction details to be changed after they are initially signed by the sender, but before they are confirmed by the network at large. When a transaction is first created, it generates a hash of the transaction as a whole to be used as a shorthand identification for that particular transaction. If the signature of the transaction is changed even a little, it will generate an entirely new hash for that same transaction. When exchanges, like Mt Gox, reference the hash ID to validate funding in it’s users accounts, transaction malleability can cause a lot of confusion and slow down the entire ecosystem. The way this happens is by someone generating a transaction with their exchange wallet, and immediately causing the hash to change by altering the transaction signature slightly. This leaves the exchange with two hashes referenced in their accounting, but only one reflected in the users wallet, creating an illusion of dysfunctional accounting.

The Attack, the Response

According to the Bitcoin Foundation’s official release,

Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software.
We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds.

The seizure of the Silkroad single-handedly crashed the price of bitcoin.

The seizure of Silk Road single-handedly crashed the price of bitcoin.

Even in the face of every major exchange slowing down or halting withdrawals, and the organization that is responsible for identifying security risks admitting a vulnerability in the system, bitcoin exchange rates have witnessed very significant support at the $650 level, a 20% drop from the $800 level we saw last week. This demonstrates significantly more confidence in the Bitcoin protocol than we saw during other events in the last year. When China announced tighter regulation of Bitcoin, we saw a free fall of close to 30% in a single day, and closer to 65% over two weeks; of course, that is nothing compared to the suicide dive prices took when Ross Ulbricht was arrested last year, and The Silkroad shut down.

The Way Forward

These strong support levels at $650 demonstrate not only confidence, but some fairly “strong hands” holding bitcoin. This means the people supporting this price can afford to lose more value, and are not the typical second-mortgage-payday-loan type speculators. This support is indicative of wealthy investors who believe in the Bitcoin protocol, and see it’s potential beyond this temporary attack. When the core and exchange developers find their solution and transactions are back to normal, these strong hands will be the ones continuing to build the muscle atop the skeleton that is bitcoin.