neocarmack
commented
4 years ago Open neocarmack opened 4 years ago
neocarmack
commented
4 years ago 
DeusNexus
commented
3 years ago Is this Malleability attack fixed?
neocarmack
commented
3 years ago yes. But i will close this issue after omnibolt mainnet launches. Currently we tested on testnet.
Bitcoin raw transactions are malleable, if without SegWit. That is to say a transaction can be modified, without invalidate it, but without access to the relevant private keys.
BIP-0062
So that OBD HTLC transactions built upon omni raw transactions are maleable, one participant ( Alice ) can broadcast a modified elder commitment transaction with totally different TxID without trigger the following ED, BR, HERD transactions, but pays himself the same money.
His counterparty (Bob) has no knowledge of this actitvity, and even if Bob knows, his punishment BR transaction can never be broadcast because Alice broadcaseted an transaction with totally different TxID.
When Omnicore supports SegWit, obd shall update all the currently being constructed transacitons.