Improper Network Block Validation Leads to Advisory 30-Confirmation Wait on Bitcoin Transactions
Issues With Transaction Confirmation Scores and Mining Pools
Bitcoin is a decentralized network, which is only as strong as the total amount of people, mining pools and nodes supporting the network. The way transaction occur, is by broadcasting them to the network, and once deemed valid, the transaction will be included in the next Bitcoin block on the network. These blocks are generated roughly every 10 minutes, and will serve as the first validation of your transaction.
However, Bitcoin Core development is evolving, and many network users are still running an older client on their computers. For those digital currency enthusiasts who are running Bitcoin Core version 0.9.4 or previous builds, they should wait for at least 30 confirmation per transaction – or upgrade to Bitcoin Core 0.10.2 as soon as possible.
The same story goes for both web wallet users – unless the service provider is using Bitcoin Core version 0.9.5 or higher – and lightweight (SPV) wallet users. Especially this latter category will need to wait for the 30 confirmation limit to avoid any issues with incoming and outgoing transactions. Any individual user running the Bitcoin Core client 0.9.5 or higher is unaffected by this issue.
At the time of publication, there is one remaining Bitcoin mining pool which is not correctly validating new blocks on the network. As a result, they are losing money for both themselves and people mining on their pool. According to the information we have received, the affected pools is BTC Nuggets, who have not responded yet at this time.
UPDATE: F2Pool have fixed the issue and are now properly confirming blocks once again.
Solo Bitcoin miners who are not using Bitcoin Core 0.10.2 at this time, are urged to upgrade their client as soon as possible. Halting your solo mining until this upgrade has completed is mandatory, as your client may not correctly validate the blocks being mined either. It is in your best interest to follow these guidelines. Otherwise, you could end up losing mined coins.
Generating Invalid Blocks on the Network
Whenever a new Bitcoin block is mined on the network, it not only includes a ton of transactional data, but it also rewards miners with [a share of] 25 BTC. Mining an invalid block will not only mess up the transaction confirmations, but it can also issue coins that are not officially validated on the Bitcoin network – and are thus invalid.
At this time, some miners are generating these invalid blocks, which can lead to Bitcoin network instability. To make matters even worse, these invalid blocks will be accepted – under certain conditions – by all Bitcoin software clients that are not using Bitcoin Core 0.9.5 or above as a foundation. Even BitcoinJ version 0.11-SNAPSHOT has been confirmed to be vulnerable to these invalid blocks.
When asked about the reason the number 30 was chosen, Theymos explained:
“30 is just a conservative guess at a safe value. As far as I know, there might be as much as 25% of mining power mining on the wrong chain, so it’s within the realm of possibility that they get a 6-block lead over the remaining miners, and 1- and 2-block leads are fairly likely. A 30-block lead seems sufficiently unlikely.”
So far, no incidents have been reported in terms of coins gone missing after invalid confirmations. However, the threat is far from over, and Bitcoin Core developers are remaining vigilant until everyone has safely upgraded their clients.
What are your thoughts on third-party services using an earlier version of Bitcoin Core? Let us know in the comments below!
Images courtesy of Shutterstock and Bitcoin Core.