Comments (5)
You're right, and thanks for opening this issue!
I need to explain it better at doc/schema.md, but even if collisions happen - the current code should still do the correct thing:
- in case of a hash prefix collision, a query will return a few unrelated transaction IDs (in addition to the correct one).
- the server verifies that each transaction actually has a relevant output/input (to the specified script_hash).
Therefore, a collision should only make the server do more TX lookups, but shouldn't hurt the correctness of the result.
from electrs.
FTR, by running the following tool, it seems that the Bitcoin transaction IDs have at most 6 bytes collisions (as of today):
$ cargo run --release --example txid_collisions -- -vvvv --timestamp --network=mainnet --db-dir=./db
2018-08-01T12:39:50.749+03:00 - DEBUG - opening DB at "./db/mainnet"
3 bytes collision found:
"acfb8519dd11de9e7c697b2ebc80f9e86cb5f860a0cf7a73666b062f01000000"
"3525c2e14ec21e6a6f5304deb5a1a7a553806b4ecad7d5c7d596055f1b000000"
4 bytes collision found:
"185b74db16c2771a319fca80d7029e76d6ad1fd102523f768a845d9096000000"
"76a4cd4f848d8fd8b173fe6291d77ac35666611d976ea8306150dac696000000"
5 bytes collision found:
"b83ae2c5b8d95374d9fb346d1f893c507c3506e8f1fb0c4a493a45bfa8e20000"
"b9a7eb7066740d7c4ab09115b5d77a28df77554041b4b02877b6a7bfa8e20000"
6 bytes collision found:
"18378dddaf6b3a296c8408dbd362dae0e0223f54b96d163cc73a41f468bef000"
"2bb37d516bc27dad079ca715d2c29d01b7f121cf1d9c21db2bb941f468bef000"
2018-08-01T12:41:53.934+03:00 - TRACE - closing DB at "/opt/tmp/mainnet"
from electrs.
You're right - I compare only "full bytes" when looking for collisions, so it's very likely that we're very close to a full 7 bytes transaction ID collision.
However, even if there are a few collisions, the query handling code should handle them correctly (AFAIU), since it verifies that the actual script has the same hash, and that each spending transaction actually spends a valid output:
Line 252 in 166372d
Lines 228 to 229 in 166372d
So, the impact should be a slowdown for querying addresses with a script hash collision.
from electrs.
Yes the scheme is good if the client assumes it'll get a superset of transactions. I suspect Electrum / Electron Cash does that, but they are generally not very fault tolerant; it's easy for a malicious server to bring them all down
from electrs.
I don't think that's right, someone posted on Twitter 1 year ago it was about 56 bits for tx hashes, perhaps Stick, which is what you'd expect from the birthday problem and number of txs. I actually ran the calculation, and a bunch of other stats on BCH, and it's 56 bits for a hashX there. Of course a hashX I use in ElectrumX is a script hash, but still
from electrs.
Related Issues (20)
- Bug: can't build on Debian 12 with dynamic linking due to `undefined reference to ZSTD_*` HOT 18
- Bug:
- Config:
- Feature:
- Bug:
- Consider updating service file example in the documentation
- Feature: in db use big-endian for height HOT 1
- A question about electrs' forks HOT 2
- Initial mempool sync may take a lot of time HOT 4
- Bug: electrs leaking sensitive scripthash values into logs, while exploring self-hosted mempool HOT 5
- Wallets connecting but getting no response HOT 13
- Feature: Disable saving logs to /electrs/bitcoin/LOG HOT 2
- batched mempool fetching should be smart about which TXs to fetch
- Consider switching to "Keep a Changelog"
- Bug: mempool sync failed: batch request failed HOT 7
- Use `bitcoind` crate to add more integration tests
- Build: signal: 11, SIGSEGV: invalid memory reference fail HOT 21
- Feature: Support donation address configuration HOT 2
- DB seems to be corrupted after running out of disk space HOT 6
- Bug: unable to load electrs after compiling (Error: electrs failed) error HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from electrs.