Toggle Main Menu Toggle Search

Open Access padlockePrints

Refund Attacks on Bitcoin’s Payment Protocol

Lookup NU author(s): Patrick Mccorry, Professor Feng Hao


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


© International Financial Cryptography Association 2017. BIP70 is a community-accepted Payment Protocol standard that governs how merchants and customers perform payments in Bitcoin. This standard is supported by most major wallets and the two dominant Payment Processors: Coinbase and BitPay, who collectively provide the infrastructure for accepting Bitcoin as a form of payment to more than 100,000 merchants. In this paper, we present new attacks on the Payment Protocol, which affect all BIP70 merchants. The Silkroad Trader attack highlights an authentication vulnerability in the Payment Protocol while the Marketplace Trader attack exploits the refund policies of existing Payment Processors. Both attacks have been experimentally verified on real-life merchants using a modified Bitcoin wallet. The attacks have been acknowledged by both Coinbase and Bitpay with temporary mitigation measures put in place. However, to fully address the identified issues will require revising the BIP70 standard. We present a concrete proposal to revise BIP70 by providing the merchant with publicly verifiable evidence to prevent both attacks.

Publication metadata

Author(s): McCorry P, Shahandashti SF, Hao F

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: 20th International Conference on Financial Cryptography and Data Security (FC 2016)

Year of Conference: 2017

Pages: 581-599

Online publication date: 17/05/2017

Acceptance date: 01/01/1900

ISSN: 9783662549704

Publisher: Springer Verlag


DOI: 10.1007/978-3-662-54970-4_34

Library holdings: Search Newcastle University Library for this item

Series Title: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ISBN: 9783662549698