Over the past 72 hours, the Bitcoin protocol has been suffering from a malleability attack. The attack has been happening to quite a few users moving funds on the network. The transactions look like bitcoin being sent twice or “double spent.” Typically the real action gets confirmed by the network, and the misleading output disappears on most wallets. The attack has been said to be safe but rather a “nuisance”.
Over the past couple of months, the network has had similar malleability or spam attacks hitting the network and affecting confirmations. The cryptocurrency community has been aware of the problem with members like Charlie Lee speaking on the issue. Lee told Cointelegraph that “Litecoin Shows There Is a Simple Fix for Spam Attacks on Bitcoin” and gave his opinion on the matter.
Developers have also been working on fixing the issue by adding a BIP 62 solution to the problem. However, developer Pieter Wuille has said there have been “complexities” involved with the implementation. Many members of the community are currently having grievances with the malleability attacks and people are reporting it on many forums. In such thread, a user from BitcoinTalk has also claimed to be the culprit of the attack, stating:
“OK. This is not ‘someone.’ It is me. Right now the stress-test is paused. I reserve a right to resume it. Ask me anything.”
Users in the network have been told as they have in the past not to worry. In an ELI5 written on reddit, it was recommended that people should wait for blockchain to confirm fully before adding on top of previous transactions.
“I'm very surprised and shocked at the lack of urgency being granted to actually doing something about this problem,” wrote one redditor. If and when BIP 62 initiates, it's encouraged for all miners to enforce the solution in order to make transactions run smoothly.
Currently, transactions being sent across the blockchain are being changed but without any knowledge of private keys. This means that users’ bitcoins are completely safe, and it does not change the source destination or amount sent, it just takes a while longer to confirm.
Yesterday I had sent a dollar from one wallet to another, and it took over an hour to fully confirm. There was a double spend in my transaction list, however it finally disappeared from my Bread wallet. Overall it is widely believed that BIP 62 will address malleability and spam issues indefinitely within the protocol.
There hasn't been any word from core development on whether this issue will be addressed. Back in January, Gavin Andresen said “DERSIG BIP looks great to me” and that he would suggest a few changes such as BIP 62, explaining it “would simplify avoiding OpenSSL in consensus implementations."