Developer Peter Todd has caused quite a stir in the community by committing a double spend on Coinbase. Taking $10 from the company and buying Jeremy Gardner of the Augur project some reddit gold. Todd admitted to the action via Twitter and GitHub with the crack he created. Gardner says:
“At 2:30 this morning @petertoddbtc committed a double-spend attack on @Coinbase by buying me Reddit gold and then redirected the payment” — Jeremy Gardner
At this time, Gardner says he and Todd were conversing, and Todd had decided to “make a point about security in the industry” Gardner goes on to say that he had succeeded on his first try and was able also to snap a screenshot of the action. Many people in the community went crazy on Twitter following this announcement. Charlie Lee of Coinbase and creator of Litecoin also jumps into the tweets “we are willing to let one steal $4 for better UX for everyone else. Of course, will change if there’s abuse.”
A lot of people within the community had thanked Peter Todd for his honesty. Todd writes via Twitter, “Yeah relying on honesty is fine, but let’s make sure the general public understands that’s what we’re doing.” Other people such as Brian Hoffman of OpenBazaar wrote, “trying out for the clown Olympics” Following this tweet-fiesta the post was then added to forums like r/bitcoin and r/btc causing a frenzy in those online areas. After this drama, even more craziness ensued as Peter Todd was banned from reddit.
“I’m not sure if this is a risk that coinbase minds, but when Peter Todd discusses bitcoin security flaws, they’re worth listening to,” — Jeremy Gardner
When this the statement was submitted to the subreddit /u/petertodd was indeed suspended for unknown reasons. However the creator of this post writes:
Background: The bitcoin protocol currently operates on a zero-confirmation basis, where users are free to accept transactions without confirmation if they so choose. Typically, merchants do this to improve customer experience – the rationale being: “no one is going to double spend attack this transaction for their coffee.” Additionally, the cost of securing low-value transactions is not worth the money saved in identifying them. Developers on the QT implementation (this includes Peter Todd) want to run replace-by-fee and eliminate zero-conf transactions. Event: You can read the whole thing here, but essentially Peter Todd double-spend attacked coinbase. He appears to have committed fraud and announced it on reddit. You can specifically see the conversation between him and coinbase here.”
At press time, Todd’s account was reinstated on reddit and it seems to be operational. Many people on the suspension post on r/bitcoin claimed Todd had broken some kind of law. And nobody could figure out which law he broke and this caused yet another heated debate. However one person writes, “/u/petertodd released information on how to attack companies service for what can essentially be called free money, he then chose not to contact Coinbase, and instead bragged about it. I’m pretty sure that’s both illegal and can be considered “confidential information”. With the latest fighting between Bitcoin.org and Coinbase, the heated block size debate, and everything in between its never a dull day in Bitcoin-land.
What do you think about what Peter Todd did? Let us know in the comments below.
Images courtesy of Shutterstock, and Pixbay