Bitcoin Cash Vigilante ‘Liquidates’ Upgraded Blockchain Attacker’s Funds
By CCN: An attempted disruption of the Bitcoin Cash blockchain resulted in a negative outcome for the attacker. A BCH tinkerer with Reddit username NilacTheGrim boasted yesterday that he had “liquidated” the crypto funds belonging to the would-be blockchain bandit.
Weak Address Security Come Back to Bite Bitcoin Cash Attacker
To do so, he found a flaw in the wallet security model used by the attacker, who has not identified himself or been identified at press time.
“The attackers used p2sh addresses that had easily guessable scriptSigs (they lacked a signature altogether to redeem). […] I ended up liquidating about ~1.2BCH of their funds just now […] So you will see the mempool now has lots of tx’s and is 18MB full as of the time of this writing. These tx’s are all the special tx’s that have a lot of sigops that I made to liquidate (take) the attacker’s funds.”
There is no government regulating the interactions on Bitcoin Cash or, for that matter, Bitcoin Cash. People can do whatever is possible within the rules of consensus. As such, Changpeng Zhao’s idea to “reorganize” the Bitcoin blockchain was taken very seriously by people who understand there’s no stopping him – if he has the ability.
Spam of a New Kind
The intent of the initial attack was apparently to disrupt normal operations for Bitcoin Cash. The attacker injected thousands of invalid transactions into the mempool and made it difficult for anyone to make regular transactions. The attack coincided with a scheduled network hard fork.
Notably, BitcoinXT recently dropped off the Bitcoin Cash network, resigning from development efforts in protest of such regularly scheduled hard forks.
The origin of the bug which led to the attack was not immediately clear. Some observers, such as Cornell Professor Emin Gün Sirer, claim the bug was born of the block template code.