BitShares Forum

Main => General Discussion => Topic started by: dacer on December 24, 2013, 09:33:32 am

Title: Tx hijack to modify output
Post by: dacer on December 24, 2013, 09:33:32 am
I probably should have asked the question somewhere else, but I feel people here may also want to help me understand this little tech-detail.

I was wondering the whole afternoon today whether it's possible for a peer to change transaction outputs (so all money goes to a middleman address) before relaying the modified version of the transaction to the network? I don't see any mechanism to guarantee the integrity of transactions. This seems to be a problem especially when a client connects just to a couple of peers.

Title: Re: Tx hijack to modify output
Post by: toast on December 24, 2013, 10:39:37 pm
The signature on the transaction won't be valid. Very roughly speaking, a signature is like "decrypting" the plaintext message with the private key. Then anyone can check if the transaction is valid by "encrypting" the signature with the public key and checking that it matches the original message.
Title: Re: Tx hijack to modify output
Post by: dacer on December 25, 2013, 06:24:08 am
Thank you, toast, I didn't know each tx has its own signature. is it part of the tx hash?
Title: Re: Tx hijack to modify output
Post by: toast on December 25, 2013, 06:43:07 am
I believe it's a separate field. Check out this page: https://en.bitcoin.it/wiki/Transactions
Title: Re: Tx hijack to modify output
Post by: dacer on December 26, 2013, 01:40:41 am
toast, I read through the wiki and also peaked some code in the reference client implementation. It seems there is no tx integrity check at all, in other words, a miner seems able to modify tx's outputs. Merckle tree doesn't seem to prevent this from happening.
Title: Re: Tx hijack to modify output
Post by: toast on December 26, 2013, 02:21:30 am
I dug around in the code a bit, I'm guessing it's part of CScriptCheck:

https://github.com/bitcoin/bitcoin/blob/master/src/main.cpp#L1341

called from CheckInputs right below