BitMEX Explores Bitcoin’s 64-Byte Transaction Quir
BitMEX Research published a detailed examination of the long-known “64-byte transaction” quirk in Bitcoin, showing how such transactions can be confused with Merkle tree internals and potentially exploited to deceive SPV clients.
bitmex.com/blog
🔗
64 Byte Transactions
In this piece we are focusing on the issues of the “64 byte transactions.” The trick involved here is that the data in the inner nodes in the Merkle trees that make up Bitcoin blocks are 64 bytes. The hash of a Bitcoin transaction, the TXID, is 32 bytes.The inner branches of the second lowest row of the Merkle tree hashes two Bitcoin TXIDs concatenated together. This makes 64 bytes.
The security vulnerability is that this 64 bytes of data could be confused with a 64 byte Bitcoin transaction. For instance, an attacker could create a 64 byte Bitcoin transaction, to confuse or trick a would be victim into accepting an incoming payment.