How does the network determine whether to replace a transaction?


Further to this question, how does the network determine whether to accept a new version of a transaction as a replacement transaction? Could an attacker replace transactions maliciously?


Posted 2011-12-29T13:17:50.400

Reputation: 1 209



Each node in the network accepts any transactions with a higher sequence field (in TxIn) as long as the transaction isn't locked (lock time hasn't expired).

This can't be used as an attack because the client is aware the transaction is unlocked and thus could be modified. The client (and thus any merchant) will/should treat the transaction as even less secure than an unconfirmed one.

To protect oneself the merchant just needs to wait until the lock time has expired (then transaction is similar to any other 0-confirm transaction) and for even more security wait for 1 to 6 confirmations.

Currently the client only supports lock time of 0 (lock as soon as created) and sequence of max UINT (no possible higher sequence) which prevents modifying transactions.


Posted 2011-12-29T13:17:50.400

Reputation: 8 409