I can provide you with an article on this topic.
Why was the October 2015 transaction plasticity event possible despite BIP62/66?
In October 2015, a significant event occurred on the Bitcoin network that highlighted a vulnerability in its transaction plasticity protocol. The transaction plasticity problem, which was resolved with the implementation of BIP62 and BIP66, was still possible despite the introduction of these new rules.
Background: BIP62/66
In 2014, the Bitcoin Core development team introduced two new protocols, BIP62 (Base-62) and BIP66 (Base-66), with the aim of improving the security and efficiency of Bitcoin transactions. These protocols were designed to provide a more secure way to encode and decode Bitcoin transaction data.
BIP62/66 allowed the use of Base-62 and Base-66 representations in Bitcoin transactions, which allowed for more efficient storage and transmission of transaction data. However, these new protocols did not eliminate all potential vulnerabilities that existed before their introduction.
Maleability attack
In October 2015, a forging attack was launched against the Bitcoin network, which exploited a previously unknown vulnerability in the BIP62/66 implementation. The attack allowed an attacker to manipulate and alter transaction data in a way that would be undetectable by conventional means.
The attack involved modifying transaction data using the BIP62/66 protocol, which could then be used to create forged or altered transactions. This vulnerability had significant consequences for the Bitcoin network, as it allowed attackers to double-spend (spend) tokens without detection.
Why was forging possible despite BIP62/66?
Despite the implementation of BIP62 and BIP66, forging was still possible due to several factors:
- Inadequate testing: At the time, the Bitcoin Core development team had not thoroughly tested their BIP62 and BIP66 implementations against various attack vectors.
- Insufficient security measures: The new protocols did not provide sufficient security measures to prevent forging attacks. For example, they did not include any additional cryptographic layers or security checks.
- Lack of awareness: Many developers and users were unaware of potential vulnerabilities in the BIP62/66 implementations that could be exploited by attackers.
Conclusion
October 2015 The transaction plasticity incident that occurred in 2018 highlighted a major vulnerability in the Bitcoin network’s transaction plasticity protocol, despite its introduction through BIP62 and BIP66. The incident was a wake-up call for the developer community, highlighting the need for further testing and security measures to prevent similar attacks in the future.
AMA Clinlin: Response
In response to the plasticity issue, @amaclin posted some C++ code on /r/Bitcoin that demonstrated how to use BIP62/66 to create fraudulent transactions. The code also showed how attackers could exploit this vulnerability to double-spend tokens without being detected.
This post sparked a lively discussion on /r/Bitcoin, with many developers and users sharing their experiences and tips on how to mitigate the plasticity issue.