diff options
author | Gavin Andresen <gavinandresen@gmail.com> | 2013-01-26 14:38:40 -0500 |
---|---|---|
committer | Gavin Andresen <gavinandresen@gmail.com> | 2013-01-26 14:38:40 -0500 |
commit | 6f8730752cf92ff8269812c01a6d9d35fff82e75 (patch) | |
tree | a953b277d1a81881b15449b54d11ad2f3203f841 /src | |
parent | bb5181fcc2e342966cc1c4b5efc98fc012a34fcc (diff) |
Treat non-final transactions as non-standard
At least one service that accepted zero-confirmation transactions
was vulnerable because an attacker could send a transaction
with a lock time far in the future, and then have plenty of time in
which to get a double-spend mined (perhaps from a miner who wasn't
on the network when the first transaction was broadcast).
That is a variation on the "Finney attack". We still don't
recommend anybody accept 0-confirmation transactions as final
payment for anything. This change keeps non-final transactions
from appearing in the wallet, and, assuming most of the network
accepts this change, will prevent them from being relayed until
they are final.
Diffstat (limited to 'src')
-rw-r--r-- | src/main.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/main.cpp b/src/main.cpp index 75e7013918..6c2d76202a 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -368,6 +368,9 @@ bool CTransaction::IsStandard() const if (nVersion > CTransaction::CURRENT_VERSION) return false; + if (!IsFinal()) + return false; + BOOST_FOREACH(const CTxIn& txin, vin) { // Biggest 'standard' txin is a 3-signature 3-of-3 CHECKMULTISIG |