Treat non-final transactions as non-standard
At least one service that accepted zero-confirmation transactions was vulnerable because an attacker could send a transaction with a lock time far in the future, and then have plenty of time in which to get a double-spend mined (perhaps from a miner who wasn't on the network when the first transaction was broadcast). That is a variation on the "Finney attack". We still don't recommend anybody accept 0-confirmation transactions as final payment for anything. This change keeps non-final transactions from appearing in the wallet, and, assuming most of the network accepts this change, will prevent them from being relayed until they are final.
This commit is contained in:
parent
bb5181fcc2
commit
6f8730752c
1 changed files with 3 additions and 0 deletions
|
@ -368,6 +368,9 @@ bool CTransaction::IsStandard() const
|
|||
if (nVersion > CTransaction::CURRENT_VERSION)
|
||||
return false;
|
||||
|
||||
if (!IsFinal())
|
||||
return false;
|
||||
|
||||
BOOST_FOREACH(const CTxIn& txin, vin)
|
||||
{
|
||||
// Biggest 'standard' txin is a 3-signature 3-of-3 CHECKMULTISIG
|
||||
|
|
Loading…
Reference in a new issue