Researchers Expose Flaw in Bitcoin Wallets That Could Be Exploited for Double-Spending

A standard way to transact Bitcoin could be vulnerable to double-spending, new research has found. Blockchain sleuths at ZenGo, a wallet startup, have found a vulnerability that affected at least three major crypto wallets – Ledger Live, Edge and Breadwallet (BRD) – and potentially more. 

The bug, which the Tel Aviv-based firm calls BigSpender, allows a hacker to double spend a user’s funds and possibly prevent them from ever using their wallet again. It works by exploiting a flaw in the replace-by-fee (RBF) function, a failsafe that enables users to swap an unconfirmed transaction with one that has a higher fee.

“[BigSpender] can lead to substantial financial losses and in some cases to make the victim’s wallet totally unusable with no way for the victim to protect themselves,” CEO Ouriel Ohayon said in an email. “So this can be seen as a .”

Like other vulnerabilities found in Bitcoin’s core codebase, such as , the RBF function has become a standard way for users to send value back and forth. It was pitched and accepted by the developer community as a way for Bitcoiners to circumvent slow confirmation times by paying more in fees. 
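
The replace-by-fee behaviour described in this article, seen from the receiving wallet's side, as an added example (not code from ZenGo or from any of the wallets named): a wallet view that keeps unconfirmed incoming payments out of the spendable balance and drops a pending payment once a conflicting transaction spends the same inputs. The class names, fields and sample transactions are constructed for illustration; the sequence threshold is the BIP125 opt-in signal.

```python
from dataclasses import dataclass

RBF_SEQUENCE_LIMIT = 0xFFFFFFFE  # BIP125: an input sequence below this opts in to replacement

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple   # ((prev_txid, vout, sequence), ...)
    to_wallet: int  # satoshis this transaction pays to our wallet

    def outpoints(self):
        return {(prev, vout) for prev, vout, _ in self.inputs}

    def signals_rbf(self):
        return any(seq < RBF_SEQUENCE_LIMIT for _, _, seq in self.inputs)

class WalletView:
    def __init__(self):
        self.confirmed = 0  # satoshis received in confirmed transactions
        self.pending = {}   # txid -> unconfirmed Tx paying us

    def _drop_conflicts(self, tx):  # two txs spending one outpoint cannot both confirm
        for old in list(self.pending.values()):
            if old.txid != tx.txid and old.outpoints() & tx.outpoints():
                del self.pending[old.txid]

    def on_unconfirmed(self, tx):
        self._drop_conflicts(tx)
        if tx.to_wallet:
            self.pending[tx.txid] = tx

    def on_confirmed(self, tx):
        self._drop_conflicts(tx)
        self.pending.pop(tx.txid, None)
        self.confirmed += tx.to_wallet

    def spendable(self):
        return self.confirmed  # unconfirmed funds are never counted as spendable

    def pending_incoming(self):
        return sum(t.to_wallet for t in self.pending.values())

def demo():
    # Constructed sample: a payment to us, then a higher-fee replacement paying us nothing.
    pay = Tx("aa", (("f0", 0, 0xFFFFFFFD),), 50_000)
    repl = Tx("bb", (("f0", 0, 0xFFFFFFFD),), 0)
    w = WalletView()
    w.on_unconfirmed(pay)
    before = (w.spendable(), w.pending_incoming(), pay.signals_rbf())
    w.on_unconfirmed(repl)
    w.on_confirmed(repl)
    return before, (w.spendable(), w.pending_incoming())
```

Conflict detection here keys on the spent outpoints rather than on the RBF signal, so a displaced payment is removed whether or not it opted in to replacement.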
