Transaction Malleability Explained
One of the benefits of SegWit, scheduled to activate on the network very soon, is that it fixes something called transaction malleability. In this article, I’m going to explain what malleability is and why fixing it is important.
What is Transaction Malleability?
To understand transaction malleability, it helps to think of Bitcoin as a global ledger and transactions as bank checks, as described in my previous SegWit article.
A transaction identifier, called a transaction hash, is something like a fingerprint and is unique. Unlike a fingerprint, the transaction ID changes if the transaction it represents changes in any way.
As mentioned in my previous article, much like bank checks have written signatures, Bitcoin transactions have digital signatures. Much like real life signatures, digital signatures can vary slightly and yet still be valid.
Because the transaction identifier takes into account everything in the transaction, the transaction identifier changes if the digital signature changes. These subtle changes can happen only before a transaction is put into a block. Once a transaction is added to the blockchain, the transaction, including the signature, becomes immutable.
The mutability of the signature can be problematic because someone can take a transaction and modify the signature slightly and make the transaction identifier change.
This would be the equivalent of replacing the signature on a check. The amount on the check would not change, but changing the signature would cause the check identifier to change.
Transaction identifiers are particularly important because, as a global ledger, Bitcoin is organized around these transaction identifiers. New transactions refer to past transaction identifiers to prove that the signature on the check is correct.
How Does Transaction Malleability Affect The Lightning Network?
First, let’s review what the Lightning Network is. The Lightning Network is an off-chain micro-payment network. The Lightning Network operates on top of Bitcoin and is often referred to as a “Layer 2” solution for that reason.
The Lightning Network works by creating a double-signed transaction. That is, we have a new check that requires both parties to sign for it to be valid. The check specifies how much is being sent from one party to another. As new micro-payments are made from one party to the other, the amount on the check is changed and both parties sign the result.
To start the Lightning Network channel, this double-signed check must be funded. In order that the double-signed check isn’t held captive by an uncooperative counterparty, the double-signed check is signed by both parties before the funding transaction is sent out to the network.
For the Lightning Network to work, we need the funding transaction to not be broadcast until the double-signed check is signed.
Because the double-signed check refers to the funding transaction’s identifier, if the funding transaction’s identifier is changed, the double-signed check will become invalid. This represents a risk to opening the Lightning Network channel. There are ways to make the Lightning Network work without fixing transaction malleability, but LN is easier when transaction malleability is fixed.
How Does SegWit Fix Transaction Malleability?
It turns out signatures are the only way in which transaction identifiers can be changed by an attacker. With SegWit, the transaction identifier no longer takes into account the signature. This means that even if the attacker changes the signature, the transaction identifier stays the same. Signatures are still checked, just not used in calculating the transaction identifier.
Transaction Malleability is fixed with Segregated Witness by no longer taking into account signatures when calculating the transaction’s fingerprint. Fixing Transaction Malleability means that the Lightning Network can work smoothly.
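The following is an added example, not code from the original article. It serializes a one-input transaction in Bitcoin's wire format to show which bytes feed the identifier: changing the signature changes a legacy txid, while a SegWit txid stays fixed and only the witness hash (wtxid, which SegWit defines but the article does not discuss) moves. All keys, signatures and outpoints are constructed placeholder bytes, signatures are not verified here, and the function names are illustrative.

```python
import hashlib
import struct

# Constructed sample values: not real outpoints, keys or signatures.
PREV_TXID = bytes.fromhex("11" * 32)
PUBKEY = bytes.fromhex("02" + "22" * 32)
SCRIPT_PUBKEY = bytes.fromhex("0014" + "33" * 20)
SIG_ORIGINAL = bytes.fromhex("30" + "aa" * 70)
SIG_MODIFIED = bytes.fromhex("30" + "ab" * 70)  # stands in for a re-encoded signature

def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def var_bytes(data: bytes) -> bytes:
    """Length-prefixed bytes; a one-byte length is enough for this example."""
    assert len(data) < 0xFD
    return bytes([len(data)]) + data

def serialize(script_sig: bytes, witness=(), include_witness=False) -> bytes:
    """One-input, one-output transaction in Bitcoin wire format."""
    tx = struct.pack("<i", 1)                               # version
    if include_witness:
        tx += b"\x00\x01"                                   # SegWit marker and flag
    tx += b"\x01" + PREV_TXID + struct.pack("<I", 0)        # input count, outpoint
    tx += var_bytes(script_sig) + struct.pack("<I", 0xFFFFFFFF)  # scriptSig, sequence
    tx += b"\x01" + struct.pack("<q", 50_000) + var_bytes(SCRIPT_PUBKEY)  # output
    if include_witness:
        tx += bytes([len(witness)]) + b"".join(var_bytes(w) for w in witness)
    return tx + struct.pack("<I", 0)                        # locktime

def txid(script_sig: bytes, witness=()) -> str:
    """Identifier other transactions refer to: witness data is never hashed."""
    return dsha256(serialize(script_sig))[::-1].hex()

def wtxid(script_sig: bytes, witness=()) -> str:
    """Hash of the full serialization, signatures included."""
    return dsha256(serialize(script_sig, witness, True))[::-1].hex()

def legacy_script_sig(sig: bytes) -> bytes:
    """Pre-SegWit spend: signature and public key live inside the input."""
    return var_bytes(sig) + var_bytes(PUBKEY)

if __name__ == "__main__":
    for name, sig in (("original", SIG_ORIGINAL), ("modified", SIG_MODIFIED)):
        print(name, "legacy txid :", txid(legacy_script_sig(sig)))
        print(name, "segwit txid :", txid(b"", (sig, PUBKEY)))
        print(name, "segwit wtxid:", wtxid(b"", (sig, PUBKEY)))
```

A child transaction that spends by txid, such as the double-signed check that refers to the funding transaction, keeps pointing at the right output in the SegWit case because its reference does not depend on the signature bytes.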