> "Then should you really be running an exchange handling millions of dollars of transactions?"
So what happens to people who aren't running an exchange handling millions of dollars of transactions? It doesn't matter if they get screwed by this flaw?
I read much of the wiki and never encountered any reference to transactional malleability.
Well don't forget, there's a standard client that works fine. These exchanges were writing their own custom clients, but that's probably not something a one man shop would have to do. And if you have to modify the client, you should definitely be reading the wiki. And test it extensively when you're running million dollar exchanges.
The bitcoin reference client seems to get confused by this. It seems to allow additional spending of the unconfirmed change addresses and forms a chain of double spent transactions. The bitcoin balance as reported by 'getbalance' also becomes unreliable as it computes the balance incorrectly. Eventually the wallet stops working.
So what happens to people who aren't running an exchange handling millions of dollars of transactions? It doesn't matter if they get screwed by this flaw?
I read much of the wiki and never encountered any reference to transactional malleability.