-1

Hi all I was wondering if I am doin a wrong assumption here: Let's assume a dezentralized peer to peer network and the bitcoin protocol. If a full node changes a transaction within a block and then start looking for a suited nonce to fulfill the requirements and than win the competition: All other nodes would verify the block, due to the correct hash requirements. This would result in the fact that nodes can change transactions within a block after receiving them and than start their proof of work. All the other nodes would accept that block if the node is the fastest. Is this correct?

To conclude the question more precisely: after the fastest node has found a nonce for its false transaction block, will the other nodes verify only the hash value (which fulfills the requirements) or do they also verify the transactions in the block again?

frosk
  • 3
  • 3

3 Answers3

3

Bitcoin funds are locked to a specific private key. In order to spend them in a transaction, the transaction needs to be signed with the private keys corresponding to each input. The signature commits to the exact content of the transaction. If another user changes the transaction, the signature is no longer valid. Other users cannot produce another signature as they're not privy to the private key.

Therefore your scenario fails in one of two ways: One, the attacker creates a fake transaction with an invalid signature. Every other node that verifies the block's content notices the invalid signature and rejects the block. Two, the attacker attempts to create a valid transaction with a different outcome than the original. He cannot, because he doesn't have the correct private key to produce the signature.

Remember that every node checks all details of each transaction and each block independently. Editing your node's database locally or changing the code that your node is running does not impact the behavior of other nodes.

Murch
  • 75,206
  • 34
  • 186
  • 622
  • Thank you for the more detailed explanation. What about an attacker is changing a transaction of his own, where he has the appropriate private keys of the inputs? – frosk Apr 27 '20 at 05:54
  • That is called a doublespend. If the original is already confirmed, it'll be invalid for trying to spend non-existent funds. If it's not confirmed, only one, the original or the doublespend can be included in a block. – Murch Apr 27 '20 at 06:21
  • I understand. Can you explain how or who is going to make the transaction invalid? Assuming all transaction have been confirmed and now the node is changing it afterwards with the appropriate keys and saying it is valid. Does the changed transaction again get verified by the other nodes, or only a hash requirement is checked? (assuming the malitous node won the competition) This was btw my original question – frosk Apr 27 '20 at 11:20
  • 1
    Every node validates all information for themselves. If you change your code or database locally that doesn't change what everyone else is doing. Nodes validating transactions check whether the unspent transaction outputs (UTXO) consumed by the inputs are available and then mark those UTXO as spent. A second transaction using the same funds fails because the UTXO are unavailable for spending, they are already spent. – Murch Apr 27 '20 at 14:32
  • But the actual process is as follows: all nodes get every transaction, than the start mining the block. All nodes the same one. The first node that finishes mining will be the winner and send the block to all the other nodes which then validate the hash and the send block will be set into the blockchain by every node locally. Now the question is, if the other nodes check the transaction of the new arrived block again. – frosk Apr 28 '20 at 20:37
  • 1
    @frosk Yes, as you've now been told 3 times: every node checks every transaction in every block fully. The other nodes treat the incoming block as a new block they have not seen, so they fully verify it. There is nothing special about miners receiving blocks created by other miners: miners are nodes, and every node checks every block fully. Miners could choose to not do this by modifying their software, but it would be silly: they'd just risk building on top of an invalid block and see their energy spent on mining go to waste. – Pieter Wuille Apr 28 '20 at 21:36
  • 1
    Note that different miners working simultaneously do not actually work on the same block. Each may have a (slightly) different set of transactions (as propagation of transactions is not perfect), and their coinbase transaction (the one that pays themselves the subsidy/fees) is of course different. Each has their own candidate block, but they have full discretion over what goes into it. Once they solve their candidate's PoW, they broadcast it, and hopefully for them, the network's nodes (including other miners' nodes) accept it after validating it. – Pieter Wuille Apr 28 '20 at 21:42
  • Thank you guys for clarifying that. It really would be helpful if there is a clear procedure Diagramm of the life cycle of a block. Or the procedure of doing transactions, collecting transactions, mining blocks and committing block to blockchain. With at least several nodes. – frosk Apr 29 '20 at 07:35
2

after the fastest node has found a nonce for its false transaction block, will the other nodes verify only the hash value (which fulfills the requirements) or do they also verify the transactions in the block again?

Every full node fully verifies every transaction in every block independently. This is even true for non-mining nodes. If a block contains an invalid signature, it will be ignored by the entire network.

Miners do this too (including blocks produced by other miners), but not only because the protocol prescribes it. Miners serve the network, and if they mine blocks the network does not like, their efforts are wasted. Thus they are incentized to validate everything, and not risk building (or building on top of) invalid blocks.

Pieter Wuille
  • 105,497
  • 9
  • 194
  • 308
  • Thanks pieter, it seems to me now you are facing my question. So can you tell me maybe a little more about the verification process in the cycle of a new block generation. So if the transaction arrives on every note it gets verified and kept in memory. After enough transactions have been collected they get promoted to the next block. Now every node is competing in finding the nonce. Here now a malicious node could change a transaction and try to find the nonce for this block containing an invalid transaction. – frosk Apr 26 '20 at 16:01
  • Will the new block again be verified according to its transactions or only according to its generated hash value before committing it – frosk Apr 26 '20 at 16:01
  • Please read my comment again and could you tell me when in the creation process the block gets verified? – frosk Apr 26 '20 at 16:40
  • And not just say it gets verified... – frosk Apr 26 '20 at 16:40
  • 3
    Every transaction in every block gets verified by every node. This has nothing to do with mining. Miners can build whatever blocks they like, but if they build a block with invalid transactions, their efforts are wasted. So they are incentivized to build valid blocks, and also build on top of valid blocks. – Pieter Wuille Apr 26 '20 at 17:30
  • I am asking about the procedure: new transaction arrives at the node, then verified.... When the next block will be mined all transactions from memory will be taken to the new to be mined block and then mining starts. Now will there be a new validation afterwards by the other nodes or only the generated hash value check of the node that won the competition – frosk Apr 27 '20 at 05:52
  • 2
    Every transaction gets fully validated by every node. Not just their hashes: all the transaction details, including digital signatures. That includes miners. If they didn't, they could be tricked into building on top of an invalid block, which would make their electricity that went into hashing wasted. – Pieter Wuille Apr 27 '20 at 05:54
1

If a block is in any sense invalid, no honest node will ever accept it, period. So producing a block that is invalid is pointless, a waste of effort.

Now say a block is just produced right now. Someone could, if they got lucky, quickly produce another block with the same block number as that block that has different transactions in it. This can even happen without anyone being malicious.

At this point, the network wouldn't know which of those two blocks to treat as valid. This is why exchanges wait for several more blocks to be produced before crediting anyone for deposited bitcoins.

Pretty quickly, it will be clear which of those two blocks wins. Nobody wants to mine on an alternate chain because they will never get to keep any of the rewards or fees. So every honest miner quickly cooperates to pick one of those chains and lengthen it sufficiently to ensure that their mining rewards do stick.

David Schwartz
  • 51,554
  • 6
  • 106
  • 178