Merge pull #963: Alerts: SPV Mining more details

2025-07-27 01:36:13 +00:00 · 2015-07-04 06:30:24 -04:00 · 2015-07-04 06:30:24 -04:00 · 6a03c57dbf
commit 6a03c57dbf
parent f03a1fba88 311044c512
1 changed files with 72 additions and 10 deletions
--- a/_alerts/2015-07-04-spv-mining.html
+++ b/_alerts/2015-07-04-spv-mining.html
@ -5,16 +5,18 @@ active: true
 banner: "WARNING: many wallets currently vulnerable to double-spending of confirmed transactions (click here to read)"
 ---
 <p><em>This document is being updated as new information arrives.  Last
-update: 2015-07-04 08:15 UTC</em></p>
+update: 2015-07-04 09:30 UTC</em></p>

 {% assign confs="30" %}

 <h2 id="summary">Summary</h2>

-<p>Your bitcoins are safe if you received them in transactions confirmed before 2015-07-04 07:00 UTC.</p>
+<p>Your bitcoins are safe if you received them in transactions confirmed before 2015-07-04 08:00 UTC.</p>

-<p>After that time, confirmation scores are not as reliable as they
-usually are for users of certain software:</p>
+<p>However, there has been a problem with a planned upgrade. For
+   bitcoins received later than the time above, confirmation scores are
+   significantly less reliable then they usually are for users of
+   certain software:</p>

 <ul>
  <li><b>Lightweight (SPV) wallet users</b> should wait an additional {{confs}}
@ -33,8 +35,8 @@ usually are for users of certain software:</p>

 <h2 id="miners">Miners</h2>

-If you pool mine, please switch to a pool that properly validates
-blocks.  (If you solo mine, please switch to Bitcoin Core 0.10.2.)
+<p>If you pool mine, please switch to a pool that properly validates
+blocks.  (If you solo mine, please switch to Bitcoin Core 0.10.2.)</p>

 <p><b>Bad pools:</b> these pools are not correctly validating, and are
 losing money.</p>
@ -54,13 +56,73 @@ systems.</p>
  <li><a href="https://www.f2pool.com/">F2Pool</a></li>
 </ul>

+<h2 id="solution">When Will Things Go Back To Normal?</h2>
+
+<p>The problem is miners creating invalid blocks.  Some software can detect
+that those blocks are invalid and reject them; other software can't
+detect that blocks are invalid, so they show confirmations that aren't
+real.</p>
+
+<ul>
+  <li><b>Bitcoin Core 0.9.5 and later</b> never had any problems because
+      it could detect which blocks were invalid.</li>
+
+  <li><b>Bitcoin Core 0.9.4 and earlier</b> will never provide as much
+      security as later versions of Bitcoin Core because it doesn't know
+      about the additional <a
+      href="https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki">BIP66</a>
+      consensus rules. <a href="/en/download">Upgrade</a> is recommended
+      to return to full node security.</li>
+
+  <li><b>Lightweight (SPV) wallets</b> are not safe for less than
+      {{confs}} confirmations until all the major pools switch to full
+      validation.</li>
+
+  <li><b>Web wallets</b> are very diverse in what infrastructure they
+      run and how they handle double spends, so unless you know for sure
+      that they use Bitcoin Core 0.9.5 or later for full validation, you
+      should assume they have the same security as the lightweight
+      wallets described above.</li>
+</ul>
+
 <h2 id="cause">What's Happening</h2>

-<p>Some miners are currently generating invalid blocks.   Almost all
-software besides Bitcoin Core 0.9.5 and later will accept these invalid
-blocks under certain conditions.</p>
+<p>Summary: Some miners are currently generating invalid blocks. Almost
+   all software (besides Bitcoin Core 0.9.5 and later) will accept these
+   invalid blocks under certain conditions.  The paragraphs that follow
+   explain the cause more throughly.</p>

-<p><b>More information to follow.</b></p>
+<p>For several months, an increasing amount of mining hash rate has been
+   signaling its intent to begin enforcing <a
+   href="https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki">BIP66</a>
+   strict DER signatures.  As part of the BIP66 rules,
+   once 950 of the last 1,000 blocks were version 3 (v3) blocks, all
+   upgraded miners would reject version 2 (v2) blocks.</p>
+
+<p>Early morning UTC on 4 July 2015, the 950/1000 (95%) threshold was
+   reached. Shortly thereafter, a small miner (part of the non-upgraded
+   5%) mined an invalid block--as was an expected occurrence.
+   Unfortunately, it turned out that roughly half the network hash rate
+   was mining without fully validating blocks (called SPV mining), and
+   built new blocks on top of that invalid block.</p>
+
+<p>Note that the roughly 50% of the network that was SPV mining had
+   explicitly indicated that they would enforce the BIP66 rules. By not
+   doing so, several large miners have lost over $50,000 dollars worth
+   of mining income so far.</p>
+
+<p>All software that assumes blocks are valid (because invalid blocks
+   cost miners money) is at risk of showing transactions as confirmed
+   when they really aren't. This particularly affects lightweight (SPV)
+   wallets and software such as old versions of Bitcoin Core which have
+   been downgraded to SPV-level security by the new BIP66 consensus
+   rules.</p>
+
+<p>The immediate fix, which is well underway as of this writing, is to
+   get all miners off of SPV mining and back to full validation (at
+   least temporarily). As this progresses, we will reduce our
+   current recommendation of waiting {{confs}} extra confirmations to a
+   lower number.</p>

 <!--
 <div style="text-align:right">