How does timejacking enable double spending?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
3
down vote

favorite












http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html



I went over this blog, but I am still not clear how double spending is achieved by this attack. From what I read, the attackers submit wrong timestamps to a target node. During this period, the target wouldn't receive legitimate transactions confirmation because the target node is behind network's median time. However, I am not clear how double spending can be achieved from this.




bitcoin-core security timestamp




share|improve this question























    up vote
    3
    down vote

    favorite












    http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html



    I went over this blog, but I am still not clear how double spending is achieved by this attack. From what I read, the attackers submit wrong timestamps to a target node. During this period, the target wouldn't receive legitimate transactions confirmation because the target node is behind network's median time. However, I am not clear how double spending can be achieved from this.




    bitcoin-core security timestamp




    share|improve this question





















      up vote
      3
      down vote

      favorite









      up vote
      3
      down vote

      favorite











      http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html



      I went over this blog, but I am still not clear how double spending is achieved by this attack. From what I read, the attackers submit wrong timestamps to a target node. During this period, the target wouldn't receive legitimate transactions confirmation because the target node is behind network's median time. However, I am not clear how double spending can be achieved from this.




      bitcoin-core security timestamp




      share|improve this question











      http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html



      I went over this blog, but I am still not clear how double spending is achieved by this attack. From what I read, the attackers submit wrong timestamps to a target node. During this period, the target wouldn't receive legitimate transactions confirmation because the target node is behind network's median time. However, I am not clear how double spending can be achieved from this.





      bitcoin-core security timestamp





      share|improve this question










      share|improve this question




      share|improve this question









      asked Aug 6 at 10:39









      achu thomas

      204




      204




















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          5
          down vote



          accepted










          The blog you linked to talks about a fairly sophisticated attack, involving large scale network manipulation.



          The basic premise is:



          1. You are able to identify the node that belongs to the person/entity you want to execute a double spend against

          2. You trick that node into thinking that the network time is far behind what it actually is (up to a difference of 70 minutes against the node's own system time)

          3. Optionally, you convince other miners that the network is 70 minutes ahead of the actual time.

          This gives us the basic following setup:



          The actual time, T (the actual value of this is irrelevant)



          The majority miners' network time, T+70.



          The victim's network time, T-70.



          In Bitcoin, when a node receives a new block, it runs through some validation checks. If any of these checks fails, the block is deemed invalid. One of these checks is to verify the timestamp in the block header.



          The node checks to verify that this timestamp is within 70 minutes of the what the node believes the network time to be (the network time is the median of the time the peers a node is connected to have reported).



          To execute the attack, the bad actor has created a situation where the victim is 70 minutes behind the actual time, and the rest of the world is mining as if the actual time is 70 minutes ahead of the network time.



          Thus, when a valid block is found, when the victim's node receives it, it will be dismissed as invalid, since from the victim's point of view it is around 140 minutes ahead of the network time (T+70 - T-70).



          The bad actor then uses his own mining power (it is assumed that the attacker has a sufficient share of mining power to produce a few blocks a week) to mine a block that is within the victim's acceptable time parameters. Note that the rest of the network will either already be on a longer chain, or will find a longer chain soon enough, since the attack does not control the majority hashpower.



          By broadcasting this block to the victim, the attacker can convince them that some transaction in that block is confirmed. If required, the attacker can then mine a few more blocks (which may take several days) to trick the victim into believing that the block containing the transaction has been confirmed multiple times.



          At the same time, the attacker will make another transaction spending the same inputs on the much longer chain being mined by the rest of the miners. This will also be confirmed, and receive far more confirmations than the chain being created by the attacker specifically for the victim's node.



          Finally, once the attacker has convinced the victim of the transaction and reaped whatever benefits, the attacker will let the victim's node connect to more honest peers. This will result in the node recalculating the network time, arriving at a more realistic value.



          Once this happens, the victim's node will be able to accept the original, longer, honest chain, which will have more blocks (and more work) since it was being mined by the majority hashpower. This chain contains the double spend of the transaction the victim was tricked into believing was confirmed.



          The minor chain on which the victim was convinced of the transaction will then disappear, being replaced by the longer chain, and leaving only the double spend on the blockchain.






          share|improve this answer























          • Does the targeted node need to make payments in order to double spend?@Raghav Sood
            – achu thomas
            Aug 7 at 10:09











          • Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
            – Raghav Sood
            Aug 7 at 10:37










          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "308"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );








           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f77972%2fhow-does-timejacking-enable-double-spending%23new-answer', 'question_page');

          );

          Post as a guest

















          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          5
          down vote



          accepted










          The blog you linked to talks about a fairly sophisticated attack, involving large scale network manipulation.



          The basic premise is:



          1. You are able to identify the node that belongs to the person/entity you want to execute a double spend against

          2. You trick that node into thinking that the network time is far behind what it actually is (up to a difference of 70 minutes against the node's own system time)

          3. Optionally, you convince other miners that the network is 70 minutes ahead of the actual time.

          This gives us the basic following setup:



          The actual time, T (the actual value of this is irrelevant)



          The majority miners' network time, T+70.



          The victim's network time, T-70.



          In Bitcoin, when a node receives a new block, it runs through some validation checks. If any of these checks fails, the block is deemed invalid. One of these checks is to verify the timestamp in the block header.



          The node checks to verify that this timestamp is within 70 minutes of the what the node believes the network time to be (the network time is the median of the time the peers a node is connected to have reported).



          To execute the attack, the bad actor has created a situation where the victim is 70 minutes behind the actual time, and the rest of the world is mining as if the actual time is 70 minutes ahead of the network time.



          Thus, when a valid block is found, when the victim's node receives it, it will be dismissed as invalid, since from the victim's point of view it is around 140 minutes ahead of the network time (T+70 - T-70).



          The bad actor then uses his own mining power (it is assumed that the attacker has a sufficient share of mining power to produce a few blocks a week) to mine a block that is within the victim's acceptable time parameters. Note that the rest of the network will either already be on a longer chain, or will find a longer chain soon enough, since the attack does not control the majority hashpower.



          By broadcasting this block to the victim, the attacker can convince them that some transaction in that block is confirmed. If required, the attacker can then mine a few more blocks (which may take several days) to trick the victim into believing that the block containing the transaction has been confirmed multiple times.



          At the same time, the attacker will make another transaction spending the same inputs on the much longer chain being mined by the rest of the miners. This will also be confirmed, and receive far more confirmations than the chain being created by the attacker specifically for the victim's node.



          Finally, once the attacker has convinced the victim of the transaction and reaped whatever benefits, the attacker will let the victim's node connect to more honest peers. This will result in the node recalculating the network time, arriving at a more realistic value.



          Once this happens, the victim's node will be able to accept the original, longer, honest chain, which will have more blocks (and more work) since it was being mined by the majority hashpower. This chain contains the double spend of the transaction the victim was tricked into believing was confirmed.



          The minor chain on which the victim was convinced of the transaction will then disappear, being replaced by the longer chain, and leaving only the double spend on the blockchain.






          share|improve this answer























          • Does the targeted node need to make payments in order to double spend?@Raghav Sood
            – achu thomas
            Aug 7 at 10:09











          • Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
            – Raghav Sood
            Aug 7 at 10:37














          up vote
          5
          down vote



          accepted










          The blog you linked to talks about a fairly sophisticated attack, involving large scale network manipulation.



          The basic premise is:



          1. You are able to identify the node that belongs to the person/entity you want to execute a double spend against

          2. You trick that node into thinking that the network time is far behind what it actually is (up to a difference of 70 minutes against the node's own system time)

          3. Optionally, you convince other miners that the network is 70 minutes ahead of the actual time.

          This gives us the basic following setup:



          The actual time, T (the actual value of this is irrelevant)



          The majority miners' network time, T+70.



          The victim's network time, T-70.



          In Bitcoin, when a node receives a new block, it runs through some validation checks. If any of these checks fails, the block is deemed invalid. One of these checks is to verify the timestamp in the block header.



          The node checks to verify that this timestamp is within 70 minutes of the what the node believes the network time to be (the network time is the median of the time the peers a node is connected to have reported).



          To execute the attack, the bad actor has created a situation where the victim is 70 minutes behind the actual time, and the rest of the world is mining as if the actual time is 70 minutes ahead of the network time.



          Thus, when a valid block is found, when the victim's node receives it, it will be dismissed as invalid, since from the victim's point of view it is around 140 minutes ahead of the network time (T+70 - T-70).



          The bad actor then uses his own mining power (it is assumed that the attacker has a sufficient share of mining power to produce a few blocks a week) to mine a block that is within the victim's acceptable time parameters. Note that the rest of the network will either already be on a longer chain, or will find a longer chain soon enough, since the attack does not control the majority hashpower.



          By broadcasting this block to the victim, the attacker can convince them that some transaction in that block is confirmed. If required, the attacker can then mine a few more blocks (which may take several days) to trick the victim into believing that the block containing the transaction has been confirmed multiple times.



          At the same time, the attacker will make another transaction spending the same inputs on the much longer chain being mined by the rest of the miners. This will also be confirmed, and receive far more confirmations than the chain being created by the attacker specifically for the victim's node.



          Finally, once the attacker has convinced the victim of the transaction and reaped whatever benefits, the attacker will let the victim's node connect to more honest peers. This will result in the node recalculating the network time, arriving at a more realistic value.



          Once this happens, the victim's node will be able to accept the original, longer, honest chain, which will have more blocks (and more work) since it was being mined by the majority hashpower. This chain contains the double spend of the transaction the victim was tricked into believing was confirmed.



          The minor chain on which the victim was convinced of the transaction will then disappear, being replaced by the longer chain, and leaving only the double spend on the blockchain.






          share|improve this answer























          • Does the targeted node need to make payments in order to double spend?@Raghav Sood
            – achu thomas
            Aug 7 at 10:09











          • Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
            – Raghav Sood
            Aug 7 at 10:37












          up vote
          5
          down vote



          accepted







          up vote
          5
          down vote



          accepted






          The blog you linked to talks about a fairly sophisticated attack, involving large scale network manipulation.



          The basic premise is:



          1. You are able to identify the node that belongs to the person/entity you want to execute a double spend against

          2. You trick that node into thinking that the network time is far behind what it actually is (up to a difference of 70 minutes against the node's own system time)

          3. Optionally, you convince other miners that the network is 70 minutes ahead of the actual time.

          This gives us the basic following setup:



          The actual time, T (the actual value of this is irrelevant)



          The majority miners' network time, T+70.



          The victim's network time, T-70.



          In Bitcoin, when a node receives a new block, it runs through some validation checks. If any of these checks fails, the block is deemed invalid. One of these checks is to verify the timestamp in the block header.



          The node checks to verify that this timestamp is within 70 minutes of the what the node believes the network time to be (the network time is the median of the time the peers a node is connected to have reported).



          To execute the attack, the bad actor has created a situation where the victim is 70 minutes behind the actual time, and the rest of the world is mining as if the actual time is 70 minutes ahead of the network time.



          Thus, when a valid block is found, when the victim's node receives it, it will be dismissed as invalid, since from the victim's point of view it is around 140 minutes ahead of the network time (T+70 - T-70).



          The bad actor then uses his own mining power (it is assumed that the attacker has a sufficient share of mining power to produce a few blocks a week) to mine a block that is within the victim's acceptable time parameters. Note that the rest of the network will either already be on a longer chain, or will find a longer chain soon enough, since the attack does not control the majority hashpower.



          By broadcasting this block to the victim, the attacker can convince them that some transaction in that block is confirmed. If required, the attacker can then mine a few more blocks (which may take several days) to trick the victim into believing that the block containing the transaction has been confirmed multiple times.



          At the same time, the attacker will make another transaction spending the same inputs on the much longer chain being mined by the rest of the miners. This will also be confirmed, and receive far more confirmations than the chain being created by the attacker specifically for the victim's node.



          Finally, once the attacker has convinced the victim of the transaction and reaped whatever benefits, the attacker will let the victim's node connect to more honest peers. This will result in the node recalculating the network time, arriving at a more realistic value.



          Once this happens, the victim's node will be able to accept the original, longer, honest chain, which will have more blocks (and more work) since it was being mined by the majority hashpower. This chain contains the double spend of the transaction the victim was tricked into believing was confirmed.



          The minor chain on which the victim was convinced of the transaction will then disappear, being replaced by the longer chain, and leaving only the double spend on the blockchain.






          share|improve this answer















          The blog you linked to talks about a fairly sophisticated attack, involving large scale network manipulation.



          The basic premise is:



          1. You are able to identify the node that belongs to the person/entity you want to execute a double spend against

          2. You trick that node into thinking that the network time is far behind what it actually is (up to a difference of 70 minutes against the node's own system time)

          3. Optionally, you convince other miners that the network is 70 minutes ahead of the actual time.

          This gives us the basic following setup:



          The actual time, T (the actual value of this is irrelevant)



          The majority miners' network time, T+70.



          The victim's network time, T-70.



          In Bitcoin, when a node receives a new block, it runs through some validation checks. If any of these checks fails, the block is deemed invalid. One of these checks is to verify the timestamp in the block header.



          The node checks to verify that this timestamp is within 70 minutes of the what the node believes the network time to be (the network time is the median of the time the peers a node is connected to have reported).



          To execute the attack, the bad actor has created a situation where the victim is 70 minutes behind the actual time, and the rest of the world is mining as if the actual time is 70 minutes ahead of the network time.



          Thus, when a valid block is found, when the victim's node receives it, it will be dismissed as invalid, since from the victim's point of view it is around 140 minutes ahead of the network time (T+70 - T-70).



          The bad actor then uses his own mining power (it is assumed that the attacker has a sufficient share of mining power to produce a few blocks a week) to mine a block that is within the victim's acceptable time parameters. Note that the rest of the network will either already be on a longer chain, or will find a longer chain soon enough, since the attack does not control the majority hashpower.



          By broadcasting this block to the victim, the attacker can convince them that some transaction in that block is confirmed. If required, the attacker can then mine a few more blocks (which may take several days) to trick the victim into believing that the block containing the transaction has been confirmed multiple times.



          At the same time, the attacker will make another transaction spending the same inputs on the much longer chain being mined by the rest of the miners. This will also be confirmed, and receive far more confirmations than the chain being created by the attacker specifically for the victim's node.



          Finally, once the attacker has convinced the victim of the transaction and reaped whatever benefits, the attacker will let the victim's node connect to more honest peers. This will result in the node recalculating the network time, arriving at a more realistic value.



          Once this happens, the victim's node will be able to accept the original, longer, honest chain, which will have more blocks (and more work) since it was being mined by the majority hashpower. This chain contains the double spend of the transaction the victim was tricked into believing was confirmed.



          The minor chain on which the victim was convinced of the transaction will then disappear, being replaced by the longer chain, and leaving only the double spend on the blockchain.







          share|improve this answer















          share|improve this answer



          share|improve this answer








          edited Aug 6 at 12:18


























          answered Aug 6 at 12:14









          Raghav Sood

          4,8941826




          4,8941826











          • Does the targeted node need to make payments in order to double spend?@Raghav Sood
            – achu thomas
            Aug 7 at 10:09











          • Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
            – Raghav Sood
            Aug 7 at 10:37
















          • Does the targeted node need to make payments in order to double spend?@Raghav Sood
            – achu thomas
            Aug 7 at 10:09











          • Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
            – Raghav Sood
            Aug 7 at 10:37















          Does the targeted node need to make payments in order to double spend?@Raghav Sood
          – achu thomas
          Aug 7 at 10:09





          Does the targeted node need to make payments in order to double spend?@Raghav Sood
          – achu thomas
          Aug 7 at 10:09













          Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
          – Raghav Sood
          Aug 7 at 10:37




          Usually, when executing a double spend, you would get some other value out of it (such as being able to trade your double spent coins on an exchange). This way, the victim only needs to believe they have received the money, and not need to spend it.
          – Raghav Sood
          Aug 7 at 10:37












           

          draft saved


          draft discarded


























           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f77972%2fhow-does-timejacking-enable-double-spending%23new-answer', 'question_page');

          );

          Post as a guest
































































          Comments

          Post a Comment

          Popular posts from this blog

          White Anglo-Saxon Protestant

          Image
          White Anglo-Saxon Protestants ( WASPs ) are a social group of wealthy and well-connected white Americans, of Protestant and predominantly British ancestry, who trace their ancestry to the American colonial period. Until at least the 1960s, this group has dominated American society and culture and dominated in the leadership of the Whig and Republican parties. They usually are very well placed in major financial, business, legal and academic institutions and had close to a monopoly of elite society due to intermarriage and nepotism. [1] During the latter half of the twentieth century, outsider ethnic and racial groups grew in influence and WASP dominance weakened. Americans are increasingly criticizing the WASP hegemony and disparaging WASPs as the epitome of "the Establishment". The Random House Unabridged Dictionary (1998) says the term is "Sometimes Disparaging and Offensive". [2] [3] The term WASP is often used as a pejorative to classify their historical dom...
          Read more

          Is the Concept of Multiple Fantasy Races Scientifically Flawed? [closed]

          Image
          Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite Many fantasy worlds have multiple humanoid species (elves, orcs, humans, etc) living in the same world, in addition to that, they often have the ability to interbreed. And I can't help but question their believability... fantasy-races reproduction interspecies-relations share | improve this question edited Aug 9 at 14:46 Michael Kjörling ♦ 21.1k 10 85 161 asked Aug 9 at 13:13 Chlodio 118 6 closed as unclear what you're asking by MichaelK, Gryphon, John, Vincent, Frostfyre Aug 9 at 15:25 Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question. ...
          Read more

          One-line joke

          A one-liner is a joke that is delivered in a single line. A good one-liner is said to be pithy - concise and meaningful. [1] Comedians and actors use this comedic method as part of their act, e.g. Jimmy Carr, Tommy Cooper, Rodney Dangerfield, Norm Macdonald, Ken Dodd, Stewart Francis, Zach Galifianakis, Mitch Hedberg, Anthony Jeselnik, Milton Jones, Shappi Khorsandi, Jay London, Mark Linn-Baker, Demetri Martin, Groucho Marx, Dan Mintz, Emo Philips, Tim Vine, Steven Wright and Henny Youngman and Arnold Schwarzenegger. [ citation needed ] Many fictional characters are also known to deliver one-liners, including James Bond, who usually includes pithy and laconic quips after disposing of a villain. [ citation needed ] Examples "A baby seal walks into a club." "A dyslexic man walks into a bra." (Anonymous) "There are three types of people, those who can count and those who can't." "Venison's dear, isn't it?" (Jimmy Carr) "An escala...
          Read more