freedomsponsors/www.freedomsponsors.org

Defend against transaction malleability

Opened this issue · 0 comments

I'm investigating this, but any help is appreciated.

As soon as we confirm we received bitcoins from a sponsor, we keep a 3% fee and send the rest to the programmer, using the bitcoin RPC API.

Sending through the API returns a transaction hash that we store in our
database.

Later we receive an HTTP notification with the transaction details.

If that notification contains a transaction hash that doesn't match
anything on the database, freedomsponsors.org sends me an email that
basically says: "HEADS UP: Blockchain is telling me there is an outgoing
transaction that I don't know about".

Related code:
https://github.com/freedomsponsors/www.freedomsponsors.org/blob/master/djangoproject/core/services/bitcoin_frespo_services.py

Today, I got two of those emails. Boy did that freak me out.
I thought someone had broken into our account and started stealing coins.
Only later I could investigate and understand what happened (phew):

The transactions created by freedomsponsors.org (those hashes were returned
by the RPC API call)

  1. hash = b4b02450faecfe399340f4442eb3c9526ee78e7c0048e055988ce001bb5cfe70
    amount = 0.03130000
    from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
    to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW

  2. hash = 18311e095c3d8426025ab87fae87e988e1fbad09ba01db32586d066fc28ba87d
    amount = 0.01570000
    from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
    to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW

Those transaction hashes cannot be found in the blockchain anymore.
Instead, there are similar outgoing transactions in my wallet, but with
different hashes:

  1. hash = 74709ada277d65cbc8f507e41ca5955cd70456d8248cf0f25cd82ddc28217bac
    amount = 0.0313
    from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
    to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW

  2. hash = a76f239a327e8b61f7c3f942d52066696c58ad13fb19e4ec7f523a342a12db59
    amount = 0.01569999
    from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
    to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW

So... what I take from this is that I can't trust transaction hashes
anymore, is that it?
Instead should I verify transactions based on "from" and "to"?
Or is there any more reliable way of telling whether money I sent has
reached the wallet on the other side?
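
One way to reconcile notifications without relying on the transaction hash alone, as an added example that is not part of the original issue or the project's code: key each payout on the coins it spends and the outputs it pays, which a third party malleating the transaction cannot change. The dict layout, `PayoutLedger`, the field names and all sample values are assumptions made for illustration.

```python
import copy
import hashlib
import json

def fingerprint(tx):
    """Hash the spent outpoints and the outputs, ignoring input scripts."""
    spent = [(i["txid"], i["vout"]) for i in tx["vin"]]
    outs = [(o["n"], o["satoshis"], o["script"]) for o in tx["vout"]]
    blob = json.dumps([spent, outs], separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

class PayoutLedger:
    def __init__(self):
        self.by_txid = {}  # every txid seen for a payout -> record
        self.by_fp = {}    # fingerprint -> same record

    def record_send(self, txid, tx, payout_id):
        rec = {"payout_id": payout_id, "txids": [txid]}
        self.by_txid[txid] = self.by_fp[fingerprint(tx)] = rec

    def on_notification(self, txid, tx):
        if txid in self.by_txid:
            return "known"
        rec = self.by_fp.get(fingerprint(tx))
        if rec is None:
            return "unknown"  # no payout spends these coins this way: alert
        rec["txids"].append(txid)  # same payment under a new hash
        self.by_txid[txid] = rec
        return "malleated"

# Constructed sample transactions (hypothetical field names and values).
SENT = {
    "vin": [{"txid": "aa" * 32, "vout": 1, "scriptSig": "47" + "30" * 71}],
    "vout": [{"n": 0, "satoshis": 3130000, "script": "76a914" + "11" * 20 + "88ac"}],
}
MALLEATED = copy.deepcopy(SENT)
MALLEATED["vin"][0]["scriptSig"] = "4c47" + "30" * 71  # same bytes, different push encoding
FOREIGN = copy.deepcopy(SENT)
FOREIGN["vout"][0]["script"] = "76a914" + "22" * 20 + "88ac"  # pays someone else

def demo():
    ledger = PayoutLedger()
    ledger.record_send("txid-from-rpc", SENT, payout_id=42)
    return [
        ledger.on_notification("txid-from-rpc", SENT),
        ledger.on_notification("txid-seen-on-chain", MALLEATED),
        ledger.on_notification("txid-never-sent", FOREIGN),
    ]
```

Amounts are kept as integer satoshis so that equality checks are exact.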