From 96bc22b40cb2efa729d7aeab1ea232fad60a97b1 Mon Sep 17 00:00:00 2001 From: "David A. Harding" Date: Sun, 8 Jun 2014 18:53:37 -0400 Subject: [PATCH] Add Tx Malleability Warning To Spending Unconfirmed Tx Example Suggested and written by @saivann, with a revised version being commited here. Thanks! --- _includes/example_transactions.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/_includes/example_transactions.md b/_includes/example_transactions.md index 55117ecd..1cbb1ce4 100644 --- a/_includes/example_transactions.md +++ b/_includes/example_transactions.md @@ -623,13 +623,21 @@ the block chain or memory pool. {% autocrossref %} - We will now spend the transaction created in the Complex Raw Transaction subsection above without sending it to the local node first. This is the same basic process used by wallet programs for offline signing---which generally means signing a transaction without access to the current UTXO set. +Offline signing is safe. However, in this example we will also be +spending an output which is not part of the block chain because the +transaction containing it has never been broadcast. That can be unsafe: + +**Warning:** transactions which spend outputs from unconfirmed +transactions are vulnerable to transaction malleability. Be sure to read +about transaction malleability and adopt good practices before spending +unconfirmed transactions on mainnet. + {% highlight bash %} > OLD_SIGNED_RAW_TX=0100000002f327e86da3e66bd20e1129b1fb36d07056\ f0b9a117199e759396526b8f3a20780000000049483045022100fce442\