Bitcoin Chain Fork Double Spend Incident: Difference between revisions
(Another 30 minutes. Review of the BIP and tracing back the history of the BIP. Updated with information from the bitcoin wiki. Removed a broken source link which couldn't be found in any archive. Structuring information from the about section to other relevant sections.) |
(Another 30 minutes. Added timeline information from BitcoinTalk thread. Researched the transaction data in the block explorer. Further revisions to content.) |
||
| Line 35: | Line 35: | ||
!Description | !Description | ||
|- | |- | ||
|March 12th, 2013 6:22:02 PM MDT | |March 12th, 2013 2:08:00 AM MDT | ||
|BTC-E Deposit Made | |||
|"Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee."<ref name="bitcointalk-11434" /> | |||
|- | |||
|March 12th, 2013 3:30:00 AM MDT | |||
|Transaction Included | |||
|"The transaction was included in version 0.8's fork, block 225446"<ref name="bitcointalk-11434" /> | |||
|- | |||
|March 12th, 2013 4:08:00 AM MDT | |||
|Credit To BTC-E Account | |||
|"Deposit completed, $9800 credited to my BTC-e account"<ref name="bitcointalk-11434" /> | |||
|- | |||
|March 12th, 2013 6:53:00 AM MDT | |||
|Replay Withdrawal To Pre-0.8 Chain | |||
|"After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction."<ref name="bitcointalk-11434" /> | |||
|- | |||
|March 12th, 2013 7:01:00 AM MDT | |||
|Double Spend Transaction Included | |||
|"The double spend transaction was included in pre-0.8 fork block 225446"<ref name="bitcointalk-11434" /> | |||
|- | |||
|March 12th, 2013 12:22:02 PM MDT | |||
|Bitcoin Talk Post | |Bitcoin Talk Post | ||
| | |An article about the double spend and the timeline of events is posted on the Bitcoin Talk forum<ref name="bitcointalk-11434" />. | ||
|- | |- | ||
|March 20th, 2013 10:34:00 AM MDT | |March 20th, 2013 10:34:00 AM MDT | ||
|Post-Mortem Released | |Post-Mortem Released | ||
|A post-mortem is released by Gavin Andresen with additional details about the incident on the Bitcoin Wiki<ref>[https://en.bitcoin.it/w/index.php?title=BIP_0050&oldid=36239 BIP_0050 Original Version From March 20th, 2013 10:34:00 AM MDT - Bitcoin Wiki] (Accessed Mar 8, 2024)</ref>. | |A post-mortem is released by Gavin Andresen with additional details about the incident on the Bitcoin Wiki<ref>[https://en.bitcoin.it/w/index.php?title=BIP_0050&oldid=36239 BIP_0050 Original Version From March 20th, 2013 10:34:00 AM MDT - Bitcoin Wiki] (Accessed Mar 8, 2024)</ref>. | ||
|- | |||
|July 13th, 2019 4:25:00 AM MDT | |||
|Hack Used As Example | |||
|Eric Wall references the chain split in a discussion to refute the statement that "The Bitcoin blockchain has never been hacked"<ref>[https://twitter.com/ercwl/status/1149988326029574144 ercwl - "$10,000 double-spend against OKPAY as a result of the 2013 LevelDB/BerkeleyDB chainsplit" - Twitter] (Accessed Mar 12, 2024)</ref>. | |||
|} | |} | ||
| Line 56: | Line 80: | ||
Note that BDB locks are also required during processing of re-organizations. Versions prior to 0.8 may be unable to process some valid re-orgs." | Note that BDB locks are also required during processing of re-organizations. Versions prior to 0.8 may be unable to process some valid re-orgs." | ||
The transaction, presently invalid based on the current bitcoin blockchain<ref>[https://www.blockchain.com/explorer/transactions/btc/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195 Double Spent Deposit To BTC-E - Blockchain] (Accessed Mar 12, 2024)</ref><ref>[https://web.archive.org/web/20130315031720/http://blockchain.info/tx/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195 Blockchain Transaction Double-Spent Deposit To BTC-E - Blockchain Archive March 14th, 2013 9:17:20 PM MDT] (Accessed Mar 12, 2024)</ref>: | |||
[https://www.blockchain.com/explorer/transactions/btc/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195 12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195] | |||
https://web.archive.org/web/20130315031720/http://blockchain.info/tx/12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195 | |||
== Total Amount Lost == | == Total Amount Lost == | ||
| Line 74: | Line 104: | ||
This situation meant that older nodes which did not implement that improvement proposal or manually increase their number of supported locks would not be able to validate the bitcoin blockchain. | This situation meant that older nodes which did not implement that improvement proposal or manually increase their number of supported locks would not be able to validate the bitcoin blockchain. | ||
== Individual Prevention Policies == | == Individual Prevention Policies == | ||
{{Prevention:Individuals: | {{Prevention:Individuals:No Individual Funds Lost}} | ||
{{Prevention:Individuals:End}} | {{Prevention:Individuals:End}} | ||
Revision as of 11:35, 12 March 2024
Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
A larger-than-usual block with more transaction inputs was mined and broadcasted, causing a fork in the Bitcoin blockchain. Bitcoin 0.8 nodes managed this well, but pre-0.8 nodes rejected it, resulting in an unexpected split. The 0.8-incompatible chain held about 60% of the mining hash power, preventing an automatic resolution. To restore a canonical chain, BTCGuild and Slush downgraded their Bitcoin 0.8 nodes to 0.7, making the majority hashpower favor the chain without the larger block, eventually causing 0.8 nodes to reorganize to the pre-0.8 chain. During this period, there was a notable double spend, but it was an experiment rather than a malicious act.
This is a global/international case not involving a specific country.[1][2][3]
About Bitcoin
Bitcoin is the largest and first blockchain network, originally launched by an anonymous founder Satoshi Nakamoto.
About Gavin Andresen
Gavin Andresen is one of the lead developers for the bitcoin blockchain.
About BTC-e
BTC-e was one of the largest historic exchanges prior to it's shutdown by authorities in 2017.
The Reality
Insufficient testing had been performed on bitcoin blocks[1]. No testing had been performed with blocks that were smaller in size but required more locks to be established on the BerkeleyDB[1].
What Happened
A double-spend transaction occurred due to the blockchain split.
"08:08 – Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee.
09:30 – The transaction was included in version 0.8's fork, block 225446
10:08 – Deposit completed, $9800 credited to my BTC-e account
12:53 – After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction.
13:01 – The double spend transaction was included in pre-0.8 fork block 225446"
| Date | Event | Description |
|---|---|---|
| March 12th, 2013 2:08:00 AM MDT | BTC-E Deposit Made | "Well before I knew what later have happened, I deposited $10000-worth Bitcoins to BTC-e over OKPAY's Bitcoin payment, I paid OKPAY address 12z2n8YCJw1BEsJhhQPLCTuLqwH341nKnE 211.9093 BTC and 0.0005 BTC as transaction fee."[3] |
| March 12th, 2013 3:30:00 AM MDT | Transaction Included | "The transaction was included in version 0.8's fork, block 225446"[3] |
| March 12th, 2013 4:08:00 AM MDT | Credit To BTC-E Account | "Deposit completed, $9800 credited to my BTC-e account"[3] |
| March 12th, 2013 6:53:00 AM MDT | Replay Withdrawal To Pre-0.8 Chain | "After some study, I recognized, the transaction, though included in version 0.8's fork, was never confirmed by the pre-0.8 fork, so I decided to make two double spend transactions on two of the vins of the OKPAY transaction, and broadcasted them with the raw transaction API, 0.001 BTC transaction fee included in each transaction."[3] |
| March 12th, 2013 7:01:00 AM MDT | Double Spend Transaction Included | "The double spend transaction was included in pre-0.8 fork block 225446"[3] |
| March 12th, 2013 12:22:02 PM MDT | Bitcoin Talk Post | An article about the double spend and the timeline of events is posted on the Bitcoin Talk forum[3]. |
| March 20th, 2013 10:34:00 AM MDT | Post-Mortem Released | A post-mortem is released by Gavin Andresen with additional details about the incident on the Bitcoin Wiki[4]. |
| July 13th, 2019 4:25:00 AM MDT | Hack Used As Example | Eric Wall references the chain split in a discussion to refute the statement that "The Bitcoin blockchain has never been hacked"[5]. |
Technical Details
"A block that had a larger number of total transaction inputs than previously seen was mined and broadcasted. Bitcoin 0.8 nodes were able to handle this, but some pre-0.8 Bitcoin nodes rejected it, causing an unexpected fork of the blockchain. The pre-0.8-incompatible chain (from here on, the 0.8 chain) at that point had around 60% of the mining hash power ensuring the split did not automatically resolve (as would have occurred if the pre-0.8 chain outpaced the 0.8 chain in total work, forcing 0.8 nodes to reorganise to the pre-0.8 chain).
In order to restore a canonical chain as soon as possible, BTCGuild and Slush downgraded their Bitcoin 0.8 nodes to 0.7 so their pools would also reject the larger block. This placed majority hashpower on the chain without the larger block, thus eventually causing the 0.8 nodes to reorganise to the pre-0.8 chain."
"During this time there was at least one large double spend. However, it was done by someone experimenting to see if it was possible and was not intended to be malicious."
"Because max-sized blocks had been successfully processed on the testnet, it did not occur to anyone that there could be blocks that were smaller but require more locks than were available. Prior to 0.7 unmodified mining nodes self-imposed a maximum block size of 500,000 bytes, which further prevented this case from being triggered. 0.7 made the target size configurable and miners had been encouraged to increase this target in the week prior to the incident.
Bitcoin 0.8 did not use Berkeley DB. It switched to LevelDB instead, which did not implement the same locking limits as BDB. Therefore it was able to process the forking block successfully.
Note that BDB locks are also required during processing of re-organizations. Versions prior to 0.8 may be unable to process some valid re-orgs."
The transaction, presently invalid based on the current bitcoin blockchain[6][7]:
12814b8ad57ce5654ba69eb26a52ddae1bff42093ca20cef3ad96fe7fd85d195
Total Amount Lost
The total amount lost has been estimated at $10,000 USD.
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Large mining pools reverted their bitcoin clients back to the 0.7 version of the chain.
Ultimate Outcome
The issue was resolved on August 16th, 2013[1] which forked unpatched nodes off the network.
Total Amount Recovered
The total amount recovered has been estimated at $10,000 USD. The individual performing the double spend was not malicious in nature.
Ongoing Developments
This situation meant that older nodes which did not implement that improvement proposal or manually increase their number of supported locks would not be able to validate the bitcoin blockchain.
Individual Prevention Policies
This case does not appear to have resulted in a loss to any individual.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ 1.0 1.1 1.2 1.3 March 2013 Chain Fork Post-Mortem - BIPS.xyz (Accessed Oct 11, 2022)
- ↑ 3.0 3.1 3.2 3.3 3.4 3.5 3.6 A successful DOUBLE SPEND US$10000 against OKPAY this morning. - BitcoinTalk (Aug 14, 2023)
- ↑ BIP_0050 Original Version From March 20th, 2013 10:34:00 AM MDT - Bitcoin Wiki (Accessed Mar 8, 2024)
- ↑ ercwl - "$10,000 double-spend against OKPAY as a result of the 2013 LevelDB/BerkeleyDB chainsplit" - Twitter (Accessed Mar 12, 2024)
- ↑ Double Spent Deposit To BTC-E - Blockchain (Accessed Mar 12, 2024)
- ↑ Blockchain Transaction Double-Spent Deposit To BTC-E - Blockchain Archive March 14th, 2013 9:17:20 PM MDT (Accessed Mar 12, 2024)
Cite error: <ref> tag with name "newsletter-11414" defined in <references> is not used in prior text.