Bug in 'Timelocked' Bitcoin Contracts Could Spur Miners to Steal From Each Other

A widespread bug has compromised a special type of bitcoin transaction that is supposed to discourage miners from cheating, new research shows.

This increases the risk of a hypothetical form of attack in which miners could essentially steal bitcoin from other miners.

The bug affects 10% of timelocked transactions, or 2% of bitcoin transactions overall.

A timelocked transaction prevents the recipient of bitcoin from accessing it right away.

One use case for this feature is as a form of vesting - startup Blockstream has paid employees in timelocked bitcoin which theoretically gives them an incentive to do what's best for the network's long-term value.

With fee-sniping, a malicious miner tries to replace a block someone else just mined with their own, including the same transactions plus potentially other transactions that are still pending.

The likelihood of such an attack might increase as transaction fees, which users pay to prioritize their payments, become a more important source of income for miners.

"Currently, not enforcing a timelock to an absolute block height does not have consequences for the majority of transactions. In a few years, when the block reward consists mainly of transaction fees, it might make fee-sniping more profitable," 0xb10c told CoinDesk.

The oddly formed timelock is different from all the other timelocks on the network, so it's easy for blockchain voyeurs to see that the transaction is coming from a particular wallet.

"A fix for this has been released in early 2020. However, it will take a while before all instances of the currently deployed software are upgraded," he said.0xb10c hopes his research will raise awareness of the risk of fee-sniping attacks so wallets that haven't set the time locked transactions correctly can make the fix, making the Bitcoin network a little more robust.