Why was an insecure merkle tree implementation chosen?
Clash Royale CLAN TAG#URR8PPP
up vote
3
down vote
favorite
At risk of creating a "lets discuss politics" question, let me clarify that what I want to know is whether there is a known benefit to Satoshi's "duplicate the last hash" merkle tree implementation over the seemingly obvious "append zeros".
For those who don't know, the bitcoin merkle tree algorithm allows blocks to be mutated if a transaction can be duplicated which lead to CSV-2012-2459.
security protocol merkle-tree
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
3
down vote
favorite
At risk of creating a "lets discuss politics" question, let me clarify that what I want to know is whether there is a known benefit to Satoshi's "duplicate the last hash" merkle tree implementation over the seemingly obvious "append zeros".
For those who don't know, the bitcoin merkle tree algorithm allows blocks to be mutated if a transaction can be duplicated which lead to CSV-2012-2459.
security protocol merkle-tree
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
3
down vote
favorite
up vote
3
down vote
favorite
At risk of creating a "lets discuss politics" question, let me clarify that what I want to know is whether there is a known benefit to Satoshi's "duplicate the last hash" merkle tree implementation over the seemingly obvious "append zeros".
For those who don't know, the bitcoin merkle tree algorithm allows blocks to be mutated if a transaction can be duplicated which lead to CSV-2012-2459.
security protocol merkle-tree
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
At risk of creating a "lets discuss politics" question, let me clarify that what I want to know is whether there is a known benefit to Satoshi's "duplicate the last hash" merkle tree implementation over the seemingly obvious "append zeros".
For those who don't know, the bitcoin merkle tree algorithm allows blocks to be mutated if a transaction can be duplicated which lead to CSV-2012-2459.
security protocol merkle-tree
security protocol merkle-tree
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited yesterday
asked yesterday
Caleb James DeLisle
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Caleb James DeLisle
162
asked yesterday
Caleb James DeLisle
162
162
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Caleb James DeLisle is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
8
down vote
As with many things in Bitcoin, it is likely simply because it worked well enough, and such an attack was not immediately obvious.
Several of the choices made in the early days of Bitcoin don't have a full justification behind them, and were simply made because it worked at the time without any major, obvious shortcomings. This is one such scenario, as far as I'm aware.
answered yesterday
Raghav Sood
6,33411027
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
8
down vote
As with many things in Bitcoin, it is likely simply because it worked well enough, and such an attack was not immediately obvious.
Several of the choices made in the early days of Bitcoin don't have a full justification behind them, and were simply made because it worked at the time without any major, obvious shortcomings. This is one such scenario, as far as I'm aware.
answered yesterday
Raghav Sood
6,33411027
add a comment |
up vote
8
down vote
As with many things in Bitcoin, it is likely simply because it worked well enough, and such an attack was not immediately obvious.
Several of the choices made in the early days of Bitcoin don't have a full justification behind them, and were simply made because it worked at the time without any major, obvious shortcomings. This is one such scenario, as far as I'm aware.
answered yesterday
Raghav Sood
6,33411027
add a comment |
up vote
8
down vote
up vote
8
down vote
As with many things in Bitcoin, it is likely simply because it worked well enough, and such an attack was not immediately obvious.
Several of the choices made in the early days of Bitcoin don't have a full justification behind them, and were simply made because it worked at the time without any major, obvious shortcomings. This is one such scenario, as far as I'm aware.
answered yesterday
Raghav Sood
6,33411027
As with many things in Bitcoin, it is likely simply because it worked well enough, and such an attack was not immediately obvious.
Several of the choices made in the early days of Bitcoin don't have a full justification behind them, and were simply made because it worked at the time without any major, obvious shortcomings. This is one such scenario, as far as I'm aware.
answered yesterday
Raghav Sood
6,33411027
answered yesterday
Raghav Sood
6,33411027
answered yesterday
Raghav Sood
6,33411027
answered yesterday
Raghav Sood
6,33411027
6,33411027
add a comment |
add a comment |
Caleb James DeLisle is a new contributor. Be nice, and check out our Code of Conduct.
Caleb James DeLisle is a new contributor. Be nice, and check out our Code of Conduct.
Caleb James DeLisle is a new contributor. Be nice, and check out our Code of Conduct.
Caleb James DeLisle is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fbitcoin.stackexchange.com%2fquestions%2f80973%2fwhy-was-an-insecure-merkle-tree-implementation-chosen%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
