5
2
What are the main principles and/or patterns programmers must apply to their code in order to make their programs bulletproof towards transaction malleability attacks?
2
Use two tables for deposits basically.
Insert deposits into one table with a unique hash. Store sighash and txid with a unique hash and timestamp in the other. When the txid changes, you update the second table, preventing the duplicate deposit.
1 @DougPeters No problem. It's all about spreading awareness in the community. The stronger the developers, the stronger the economy. I've never had a problem with it because I don't rely on wallet notify to store transactions; instead I dump an array of the last 100 transactions every 30 seconds and iterate through it, checking against the db (type receive), only crediting once the confirm > 6. This has performance drawbacks of course, and requires an extra script to periodically check already paid deposits (for changes in txhash and # of confirmations). – r3wt – 2014-04-04T18:06:11.403
I will open-source this solution soon, which is written in PHP/MySQL, and it should be easily ported to other languages/configurations. – r3wt – 2014-04-04T18:07:59.647
Will you handle deposits per address or per transaction? When a transaction pays to multiple addresses in your wallet, for example. – Robert-Reinder Nederhoed – 2014-04-23T08:42:38.290
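
The two-table scheme from the answer, combined with the confirmation threshold from its comments, as an added example that is not the answer author's code. It assumes "sighash" means a hash of the transaction with the signature scripts left out; the simplified transaction dicts, the table names and the function names are hypothetical, and deposits are keyed per output so that a transaction paying several wallet addresses gets one row each.

```python
import hashlib, json, sqlite3, time

MIN_CONF = 6  # threshold from the comment above: credit only when confirmations > 6

def stable_hash(tx):
    # Assumption: "sighash" = hash of spent outpoints + outputs, signatures left out,
    # so it stays the same when a malleated copy gets a new txid.
    core = {"in": [[i["prev"], i["n"]] for i in tx["vin"]], "out": tx["vout"]}
    return hashlib.sha256(json.dumps(core, sort_keys=True).encode()).hexdigest()

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE deposits (dep_hash TEXT PRIMARY KEY, address TEXT,
                               amount INTEGER, credited INTEGER DEFAULT 0);
        CREATE TABLE tx_seen (sighash TEXT PRIMARY KEY, txid TEXT, seen_at INTEGER);
    """)
    return db

def record(db, tx, my_addresses):
    """Process one listed transaction; return how many deposits were newly credited."""
    sh = stable_hash(tx)
    # Second table: one row per sighash; a changed txid updates that row in place.
    db.execute("INSERT OR IGNORE INTO tx_seen VALUES (?, ?, ?)",
               (sh, tx["txid"], int(time.time())))
    db.execute("UPDATE tx_seen SET txid = ? WHERE sighash = ?", (tx["txid"], sh))
    credited = 0
    for n, (addr, amount) in enumerate(tx["vout"]):
        if addr not in my_addresses:
            continue
        # First table: unique hash per (sighash, output index), never per txid.
        dep = hashlib.sha256(f"{sh}:{n}".encode()).hexdigest()
        db.execute("INSERT OR IGNORE INTO deposits (dep_hash, address, amount) "
                   "VALUES (?, ?, ?)", (dep, addr, amount))
        if tx["confirmations"] > MIN_CONF:
            cur = db.execute("UPDATE deposits SET credited = 1 "
                             "WHERE dep_hash = ? AND credited = 0", (dep,))
            credited += cur.rowcount
    db.commit()
    return credited

# Constructed sample data: one payment, then the same payment under a mutated txid.
ORIGINAL = {"txid": "aa11", "confirmations": 0,
            "vin": [{"prev": "f00d", "n": 0, "scriptSig": "sig-form-1"}],
            "vout": [["addr_alice", 50000], ["addr_bob", 20000], ["addr_x", 1000]]}
MUTATED = dict(ORIGINAL, txid="bb22", confirmations=7,
               vin=[{"prev": "f00d", "n": 0, "scriptSig": "sig-form-2"}])
```

Calling `record` on `ORIGINAL` and then on `MUTATED` leaves two deposit rows and one `tx_seen` row whose txid is the mutated one; replaying `MUTATED` credits nothing further.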