"transaction malleability" issue with PPC?

redlee · February 10, 2014, 12:57pm

According to the MTGOX’s update: https://www.mtgox.com/press_release_20140210.html.
Does PPC has the same “transaction malleability” issue?
I am not surprised if that is the case.
Somebody proposed a solution here:
https://gist.github.com/sipa/8907691

Ben · February 10, 2014, 1:23pm

More background information on the situation:

Sentinelrv · February 10, 2014, 9:03pm

Based on the $h!*storm going over at the Bitcoin subreddit, I wouldn’t put my faith in MtGox’s press release. It seems this issue has been known about for years and everyone else but Gox created a work around. Now that it’s affected their company, they’re trying to shift the blame onto Bitcoin itself. At least this is what I’ve gathered from reading things today. I think this is the end of MtGox.

bhldev · February 11, 2014, 6:53am

It’s an issue of process and customer service. If a customer whines that they didn’t get their bitcoins, you aren’t supposed to just check the transaction id for the error. You should check the timestamp and address off the bitcoin ledger as well. And that only needs to be done if someone tries the scam.

I’m reminded of the 80’s and 70’s where BBSes passed around text files with secrets on how to scam local businesses. In the end the onus is on the business to stop the scam. The “workaround” is to not be a doofus and take the customer’s word that they didn’t get their product and verify in multiple ways. In the case of bitcoin that means timestamp, amount and address verification not just the tx id. It’s also possible to do this automatically.

And of course if MtGox did nothing or just ignored the scammer, nothing would happen. It’s not like the coins don’t get sent and it’s not like the coins are being double spent. MtGox actually has to actively take the scammer’s word and be lazy on the verification for the scam to work.

There’s a few possibilities either MtGox got hit by a scam like this in a big way, or they’re simply being safe after noticing a large amount of these scams. Another possibility is that MtGox got hit by a huge hack and theft of bitcoin and they’re using this as an excuse until they can “figure out” how to pay out. Another (low) possibility is it’s a sheep marketplace about to go rogue. That can never be discounted.

The effect on peercoin is of course minimal since PPC isn’t listed on MtGox other than the usual price drops because of relationship to bitcoin.

d5000 · February 11, 2014, 10:31pm

Seems it’s definitely a problem exceeding MtGox’s implementation. There is a heavy attack now on the BTC network, bitstamp and Bitcoin.de have halted transactions.

BTC developers are now fixing this vulnerability, but PPC should adopt the fix as fast as possible (and update the code to 0.8x, as we seem to use still 0.7x)

jubalix · February 12, 2014, 3:43am

PPC just has to adopt the btc fix.

mably · February 12, 2014, 8:14pm

So is there a “transaction malleability” issue with PPC ? I’ve read somewhere that most alt coins are concerned too.

Could some devs tell us a bit more about it?