Coinkite, a bitcoin platform that transacts more than 400,000 BTC per month, has reported a bitcoin malleability attack that requires users to be careful about zero confirmation receipts since there are two versions of a transaction (low S high S). Coinkite is requiring one confirmation for deposits before it uses them in a new transaction.
Transactions have been modified and rebroadcast with new transaction numbers, indicating a malleability attack. The attacks have occurred over the last 24 to 48 hours. Almost all transactions on the network have suffered the attacks.
The company noted in a blog that the attacks do not put Coinkite's customer funds at risk. The modification being made to the transactions is a simple numeric tweak to one number (S) in the ECDSA (Elliptical Curve Digital Signature Algorithm) signature, the blog notes. “It's documented as part of BIP62 and is called the ‘low S' requirement.†Coinkite always uses the lower S value, but the attackers have been replacing it with the higher S value.
The attackers change the transactions without any knowledge of the private keys involved. Users cannot trust bitcoin transaction numbers as much when this occurs. Once a transaction sends, the user must understand the transaction might get into the a block under a different hash.
Coinkite urges users to be more careful about action on zero confirmation receipts at the present time. It is not safe to build new transactions on top of the previous one until it confirms, since there are in effect two version of the transactions – the user's and the high-S version – and the user cannot predict which will be mined. The problem even exists for transactions between trusted parties and between a user's own accounts.
All deposits into Coinkite accounts must receive one confirmation before Coinkite uses them in a new transaction. See more news on CryptoCoinNews.com
