From 6109262ea21420e37654d43b4ebd7d786e554fe2 Mon Sep 17 00:00:00 2001 From: Saivann Date: Mon, 6 Jul 2015 22:35:09 -0400 Subject: [PATCH] Convert HTML to Markdown --- _alerts/2015-07-04-spv-mining.md | 159 +++++++++++++++---------------- 1 file changed, 75 insertions(+), 84 deletions(-) diff --git a/_alerts/2015-07-04-spv-mining.md b/_alerts/2015-07-04-spv-mining.md index 5f19ed84..a861bc8a 100644 --- a/_alerts/2015-07-04-spv-mining.md +++ b/_alerts/2015-07-04-spv-mining.md @@ -5,84 +5,72 @@ active: true banner: "WARNING: many wallets currently vulnerable to double-spending of confirmed transactions (click here to read)" bannerclass: "alert" --- -

This document is being updated as new information arrives. Last -update: 2015-07-06 02:00. All times are UTC.

+*This document is being updated as new information arrives. Last +update: 2015-07-06 02:00. All times are UTC.* **Note: this alert is on-going: the situation has not yet been resolved. ([Update #1](#update-1))** {% assign confs="30" %} -

Summary

+##Summary -

Your bitcoins are safe if you received them in transactions confirmed before 2015-07-06 00:00 UTC.

+Your bitcoins are safe if you received them in transactions confirmed before 2015-07-06 00:00 UTC. -

However, there has been a problem with a planned upgrade. For - bitcoins received later than the time above, confirmation scores are - significantly less reliable then they usually are for users of - certain software:

+However, there has been a problem with a planned upgrade. For +bitcoins received later than the time above, confirmation scores are +significantly less reliable then they usually are for users of +certain software: - - -

Miners

- -

If you pool mine, please switch to a pool that properly validates -blocks. The Wiki Mining Pool Comparison page currently contains a list of known (or -suspected) good and bad pools.

- -

If you solo mine, please switch to Bitcoin Core 0.10.2.

+If you solo mine, please switch to Bitcoin Core 0.10.2.

When Will Things Go Back To Normal?

-

The problem is miners creating invalid blocks. Some software can detect +The problem is miners creating invalid blocks. Some software can detect that those blocks are invalid and reject them; other software can't detect that blocks are invalid, so they show confirmations that aren't -real.

+real. - +- **Bitcoin Core 0.9.5 and later** never had any problems because +it could detect which blocks were invalid. +- **Bitcoin Core 0.9.4 and earlier** will never provide as much +security as later versions of Bitcoin Core because it doesn't know +about the additional [BIP66][BIP66] +consensus rules. [Upgrade][bitcoin core] is recommended +to return to full node security. +- **Lightweight (SPV) wallets** are not safe for less than +{{confs}} confirmations until all the major pools switch to full +validation. +- **Web wallets** are very diverse in what infrastructure they +run and how they handle double spends, so unless you know for sure +that they use Bitcoin Core 0.9.5 or later for full validation, you +should assume they have the same security as the lightweight +wallets described above.

What's Happening

-

Summary: Some miners are currently generating invalid blocks. Almost - all software (besides Bitcoin Core 0.9.5 and later) will accept these - invalid blocks under certain conditions.

+Summary: Some miners are currently generating invalid blocks. Almost +all software (besides Bitcoin Core 0.9.5 and later) will accept these +invalid blocks under certain conditions. So far, the following forks of two or more blocks have occurred: @@ -98,37 +86,36 @@ So far, the following forks of two or more blocks have occurred: The paragraphs that follow explain the cause more throughly. -

For several months, an increasing amount of mining hash rate has been - signaling its intent to begin enforcing BIP66 - strict DER signatures. As part of the BIP66 rules, - once 950 of the last 1,000 blocks were version 3 (v3) blocks, all - upgraded miners would reject version 2 (v2) blocks.

+For several months, an increasing amount of mining hash rate has been +signaling its intent to begin enforcing [BIP66][BIP66] +strict DER signatures. As part of the BIP66 rules, +once 950 of the last 1,000 blocks were version 3 (v3) blocks, all +upgraded miners would reject version 2 (v2) blocks. -

Early morning on 4 July 2015, the 950/1000 (95%) threshold was - reached. Shortly thereafter, a small miner (part of the non-upgraded - 5%) mined an invalid block--as was an expected occurrence. - Unfortunately, it turned out that roughly half the network hash rate - was mining without fully validating blocks (called SPV mining), and - built new blocks on top of that invalid block.

+Early morning on 4 July 2015, the 950/1000 (95%) threshold was +reached. Shortly thereafter, a small miner (part of the non-upgraded +5%) mined an invalid block--as was an expected occurrence. +Unfortunately, it turned out that roughly half the network hash rate +was mining without fully validating blocks (called SPV mining), and +built new blocks on top of that invalid block. -

Note that the roughly 50% of the network that was SPV mining had - explicitly indicated that they would enforce the BIP66 rules. By not - doing so, several large miners have lost over $50,000 dollars worth - of mining income so far.

+Note that the roughly 50% of the network that was SPV mining had +explicitly indicated that they would enforce the BIP66 rules. By not +doing so, several large miners have lost over $50,000 dollars worth +of mining income so far. -

All software that assumes blocks are valid (because invalid blocks - cost miners money) is at risk of showing transactions as confirmed - when they really aren't. This particularly affects lightweight (SPV) - wallets and software such as old versions of Bitcoin Core which have - been downgraded to SPV-level security by the new BIP66 consensus - rules.

+All software that assumes blocks are valid (because invalid blocks +cost miners money) is at risk of showing transactions as confirmed +when they really aren't. This particularly affects lightweight (SPV) +wallets and software such as old versions of Bitcoin Core which have +been downgraded to SPV-level security by the new BIP66 consensus +rules. -

The recommended fix, which was attempted, was to - get all miners off of SPV mining and back to full validation (at - least temporarily). If this happens, Bitcoin.org will reduce its - current recommendation of waiting {{confs}} extra confirmations to a - lower number.

+The recommended fix, which was attempted, was to +get all miners off of SPV mining and back to full validation (at +least temporarily). If this happens, Bitcoin.org will reduce its +current recommendation of waiting {{confs}} extra confirmations to a +lower number. ## Updates @@ -149,5 +136,9 @@ Please see the list of [invalid block hashes][] on the Bitcoin Wiki. --> +[BIP66]: https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki +[pool list]: https://en.bitcoin.it/wiki/Comparison_of_mining_pools#SPV_Mining_.2F_Old_Bitcoin_Core +[bitcoin core]: /en/download +[SPV]: http://bitcoin.stackexchange.com/questions/4649/what-is-an-spv-client [electrum note]: https://en.bitcoin.it/wiki/July_2015_Forks#Electrum [invalid block hashes]: https://en.bitcoin.it/wiki/July_2015_Forks#Invalid_Block_Hashes