Treat non-final transactions as non-standard

At least one service that accepted zero-confirmation transactions was vulnerable because an attacker could send a transaction with a lock time far in the future, and then have plenty of time in which to get a double-spend mined (perhaps from a miner who wasn't on the network when the first transaction was broadcast). That is a variation on the "Finney attack". We still don't recommend anybody accept 0-confirmation transactions as final payment for anything. This change keeps non-final transactions from appearing in the wallet, and, assuming most of the network accepts this change, will prevent them from being relayed until they are final.
12 years ago · 6f8730752c
1 changed files with 3 additions and 0 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@ -368,6 +368,9 @@ bool CTransaction::IsStandard() const
				@@ -368,6 +368,9 @@ bool CTransaction::IsStandard() const
    if (nVersion > CTransaction::CURRENT_VERSION)
        return false;

+    if (!IsFinal())
+        return false;
+
    BOOST_FOREACH(const CTxIn& txin, vin)
    {
        // Biggest 'standard' txin is a 3-signature 3-of-3 CHECKMULTISIG