Transaction malleability refers to the ability of an attacker to modify or alter the hash that identifies a transaction within the transaction. blockchain. A situation that can undoubtedly alter and generate serious problems within a payment system such as that of the cryptocurrencies, .


La malleability of the transactions of Bitcoin, is a kind of Denial of Service (DoS) attack, which allows an attacker to modify or alter the hash that identifies a transaction within the blockchain.

At first glance, this may not seem like a problem per se, as modifying the hash of a transaction, it would not affect it at all, and the transaction would be executed in the same way. However, the problem arises when the recipient of the transaction claims that he does not see the transaction reflected in his account. So you are suspicious of the user who performed the operation and of the system in general.

It is for this reason that the malleability of a transaction is a serious problem for the payment systems of cryptocurrencies, . A problem that many cryptocurrencies face and solve in various ways.

How does this attack occur?

Our Transactions en Bitcoin They are made up of one or more inputs and one or more outputs. The inputs are made up of a series of references that refer to the outputs of a previous transaction, and are known as unspent outputs (UTXO). For their part, the outputs contain the address to which the transaction was made, and the amount of funds that were transferred.

Each transaction made on the Bitcoin blockchain contains its own hash. This hash is unique and unrepeatable, and is used to identify or locate a particular transaction within the blockchain.

In this way, through the hash, miners can track and verify that a transaction has been added within a block. And therefore, validate that it is part of the blockchain.

Now, Until the validation and confirmation of that transaction is done, an attacker has the possibility to modify and alter the identifier hash of the transaction, without altering the digital signature. With this action, the attacker manages to hide the transaction and thus makes the issuer believe that the operation was not carried out. So a few hours later, he makes a claim to the issuer so that he can make the transfer again, claiming that he has not received the funds. At this point is where the attack or scam is executed. Since the attacker did receive the transferred funds, only they are not reflected with the hash (txid) that was registered in the service.

Feasibility of executing this attack

The main target of transactions malleability attacks are cryptocurrency exchanges or houses. Due to the high volume of operations and transactions that they handle on a daily basis, an attacker can take advantage of the situation.

In the case of a user who does not carry out as many transactions a day, it is highly unlikely that he will be the victim of this type of attack. Since when consulting the balance of your account you will see the debit of the transaction reflected. So you can see that if the transaction was made and verify that the destination address does have the funds transferred.

Mt Gox and the problem of transaction malleability

The numerous losses suffered by the famous and failed exchange cryptocurrency, Mt Gox, were caused as reported by the technical team and its CEO, Mark Karpeles, due to a problem of malleability of transactions. That they allowed various hackers and attackers to make claims for allegedly failed transactions. Which totaled approximately 850.000 stolen bitcoins. An unfortunate event that led to the bankruptcy of the exchange in 2014, and that left thousands of users angry and puzzled.

According to Karpelès, this was due to the malleability of the transactions. Karpeles argued that users were able to make multiple withdrawals of their funds, claiming that these had not been done, when in fact they were.

However, several investigations carried out determined that the bankruptcy of this exchange was not only due to an act of hacking, but also due to the manipulation of data by the team responsible for Mt Gox. In the report published by ArXiv The loss of bitcoins due to malleability of transactions is calculated not to exceed 400 units.

How much do you know, cryptonuta?

Is the malleability of transactions a security danger?


To a certain extent, the malleability of transactions is a security risk, since a malicious actor in an exchange could use this weakness to alter the transaction logs and obtain money that is not theirs illegally.

Proposed solutions to the malleability problem

Since this problem in transactions was detected in Bitcoin and other cryptocurrencies, there have been several efforts by developers and specialists to tackle it. Thus, two solutions were developed with the objective of addressing malleability.

Proposals in Bitcoin

  • 0062 BIP It is a solution presented in 2014 by the developer Pieter Wuille in order to address the malleability problem of Bitcoin transactions, which caused the sender to lose track of their transactions once the hashes were modified. Causing, under manipulations, to send the funds over and over again, generating large losses. In this proposal, all possible ways of finding malleability in transactions are exposed, with which they can be addressed and solved.
  • followed It is another tool designed in order to attack, among other things, the malleability problem of Bitcoin transactions. To avoid this, SegWit separates the transaction data, included in the Merkle tree, from the signatures. Thus, the transactions that use and spend the segwit outputs are not vulnerable to malleability problems.

Proposals on Ethereum

El Hard Fork de Ethereum "Homestead", described in EIP-2, solved the problem of malleability in Ethereum. More specifically the update makes all transaction signatures whose s value is greater than secp256k1n/2 now considered invalid. This solves the problem of the malleability of transactions in Ethereum.

Dash Proposals

Dash It has also made changes to its software to avoid this problem. Due to the proximity of the Dash and Bitcoin code, Dash chose to apply a fix following the recommendations of the BIP-66. This fixes a part of transaction malleability issues in Dash. Additionally, it also applied a patch based on the recommendations given in the BIP-0147. But despite this, Dash is still not fully protected against these types of attacks, and for its development team this is not a first level priority, as they make it see in their blog.