bitcoin-dev-project / warnet

Monitor and analyze the emergent behaviors of Bitcoin networks

https://warnet.dev

MIT License

67 stars 30 forks source link

Exploit Hopper #356

Open mplsgrant opened 2 months ago

mplsgrant commented 2 months ago

Exploit Hopper

This issue contains exploits which we could demo in Warnet.

[ ] User/pass were encoded in bas64 and sent over the wire: https://bitcoindev.network/exploiting-cve-2018-20587/
[ ] Inflation bug 2018: https://bitcoindev.network/looking-back-on-exploiting-cve-2018-17144/
[ ] >51% DOS: Red produces 2 empty blocks for each valid Blue block: https://github.com/mikekelly/btc-endgame

josibake commented 2 months ago

Merkle root malleability: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190225/a27d8837/attachment-0001.pdf

Could be a fun one, IIRC it involves tricking the node into thinking the block is invalid (by grinding to get the same merkle root as a valid block using duplicate transactions) and then after the node has marked your invalid block as (correctly) invalid, it will reject valid blocks from other peers due to the fact they have the same merkle root.