diff options
| author | Gavin Andresen <gavinandresen@gmail.com> | 2014-06-30 08:35:12 -0400 |
|---|---|---|
| committer | Gavin Andresen <gavinandresen@gmail.com> | 2014-06-30 08:35:12 -0400 |
| commit | 8ceb28afc3799c765d1fce242d9c9472d5f4024c (patch) | |
| tree | 39e751cf37191b98e399380e2517873ac1bd62bf /doc | |
| parent | 6fba25ef26649359d8e5962555c0d753b6df51b4 (diff) | |
| parent | 7a19efe04069d9a1e251cdc94b25184f76d9d901 (diff) | |
| download | bitcoin-8ceb28afc3799c765d1fce242d9c9472d5f4024c.tar.xz | |
Merge pull request #3883 from dgenr8/first_double_spend
Relay and alert user to double spends
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/release-notes.md | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/doc/release-notes.md b/doc/release-notes.md index 9272d427cd..3a4079e437 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -19,3 +19,49 @@ estimate. Statistics used to estimate fees and priorities are saved in the data directory in the 'fee_estimates.dat' file just before program shutdown, and are read in at startup. + +Double-Spend Relay and Alerts +============================= +VERY IMPORTANT: *It has never been safe, and remains unsafe, to rely* +*on unconfirmed transactions.* + +Relay +----- +When an attempt is seen on the network to spend the same unspent funds +more than once, it is no longer ignored. Instead, it is broadcast, to +serve as an alert. This broadcast is subject to protections against +denial-of-service attacks. + +Wallets and other bitcoin services should alert their users to +double-spends that affect them. Merchants and other users may have +enough time to withhold goods or services when payment becomes +uncertain, until confirmation. + +Bitcoin Core Wallet Alerts +-------------------------- +The Bitcoin Core wallet now makes respend attempts visible in several +ways. + +If you are online, and a respend affecting one of your wallet +transactions is seen, a notification is immediately issued to the +command registered with `-respendnotify=<cmd>`. Additionally, if +using the GUI: + - An alert box is immediately displayed. + - The affected wallet transaction is highlighted in red until it is + confirmed (and it may never be confirmed). + +A `respendsobserved` array is added to `gettransaction`, `listtransactions`, +and `listsinceblock` RPC results. + +Warning +------- +*If you rely on an unconfirmed transaction, these change do VERY* +*LITTLE to protect you from a malicious double-spend, because:* + + - You may learn about the respend too late to avoid doing whatever + you were being paid for + - Using other relay rules, a double-spender can craft his crime to + resist broadcast + - Miners can choose which conflicting spend to confirm, and some + miners may not confirm the first acceptable spend they see + |