Transaction malleability has been an issue for Bitcoin since its inception. Actually, most Bitcoin developers call it a bug because it allows malicious people to alter the unique ID of a bitcoin transaction before it’s confirmed so they can receive double funds.
Hackers take advantage of the transaction malleability flaw in bitcoin to rob exchanges and individuals, and this is how they do it:
A hacker can request to withdraw his/her funds from an exchange, and when the exchange creates a transaction, this hacker immediately tweaks the unique signature of that transaction to produce a different hash. From there, he/she immediately retransmits that same transaction to miners with a different ID.
The hacker has in fact received the funds from the exchange, but he/she will lie to the exchange and claim that the transaction has not gone through.
The exchange will check for the initial ID, see that the original transaction did not go through, and resend the funds. The hacker now gets double the amount from that exchange, which is not cool.
To fix the transaction malleability flaw, the vast majority of crypto exchanges and wallets have implemented a concept called Segregated Witness or SegWit.
What is Segregated Witness (SegWit)?
It is a soft fork change to the Bitcoin transaction architecture. The idea of SegWit was conceptualized by Pieter Wuille, who first presented it at the Scaling Bitcoin conference in Hong Kong in late 2015. He called his concept Segregated Witness because it removes the “Witness part” from bitcoin transactions.
All bitcoin transactions contain two main types of information: one part has the inputs (sender’s address) and outputs (receiver’s address), and the other part is proof that those transfers are authorized by the respective private key holders (digital signatures and witness data).
When SegWit is implemented on a bitcoin transaction, it removes the witness data from the base transaction block of 1MB, and it pushes it to an extended block of 3MB. Thus, the base transaction block only comprises the inputs and outputs, and all witness data is encrypted on an extended block when calculating the transaction ID. Therefore, if a hacker tries to alter the digital signatures, it does not affect the transaction ID at all.
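The effect described above, as an added example that is not part of the original article: a Python serializer following Bitcoin's transaction layout, in which the transaction ID is the double SHA-256 of the inputs and outputs only. The byte strings SIG_A, SIG_B and PUBKEY, the previous-output hash and the scripts are constructed placeholders, not real signatures or keys.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def push(data: bytes) -> bytes:
    # Length-prefixed field; one-byte lengths are all this example needs.
    assert len(data) < 0xfd
    return bytes([len(data)]) + data

def serialize(tx: dict, with_witness: bool) -> bytes:
    out = struct.pack("<i", tx["version"])
    if with_witness:
        out += b"\x00\x01"                      # SegWit marker and flag bytes
    out += bytes([len(tx["inputs"])])
    for txin in tx["inputs"]:
        out += txin["prev_txid"] + struct.pack("<I", txin["vout"])
        out += push(txin["script_sig"]) + struct.pack("<I", txin["sequence"])
    out += bytes([len(tx["outputs"])])
    for txout in tx["outputs"]:
        out += struct.pack("<q", txout["value"]) + push(txout["script_pubkey"])
    if with_witness:                            # one witness stack per input
        for txin in tx["inputs"]:
            out += bytes([len(txin["witness"])]) + b"".join(push(w) for w in txin["witness"])
    return out + struct.pack("<I", tx["locktime"])

def txid(tx: dict) -> str:                      # hashed WITHOUT the witness data
    return dsha256(serialize(tx, with_witness=False))[::-1].hex()

def wtxid(tx: dict) -> str:                     # hashed WITH the witness data
    return dsha256(serialize(tx, with_witness=True))[::-1].hex()

def make_tx(script_sig: bytes, witness: list) -> dict:
    # Constructed sample transaction: every byte string is a placeholder.
    txin = {"prev_txid": b"\xaa" * 32, "vout": 0, "script_sig": script_sig,
            "sequence": 0xFFFFFFFF, "witness": witness}
    txout = {"value": 50_000, "script_pubkey": b"\x00\x14" + b"\xbb" * 20}
    return {"version": 2, "inputs": [txin], "outputs": [txout], "locktime": 0}

# Constructed stand-ins for two encodings of one signature, plus a public key.
SIG_A, SIG_B, PUBKEY = b"\x11" * 71, b"\x22" * 71, b"\x02" + b"\x33" * 32

def compare() -> dict:
    a, b = make_tx(b"", [SIG_A, PUBKEY]), make_tx(b"", [SIG_B, PUBKEY])
    return {"legacy_txid_changes": txid(make_tx(push(SIG_A), [])) != txid(make_tx(push(SIG_B), [])),
            "segwit_txid_stable": txid(a) == txid(b),
            "segwit_wtxid_changes": wtxid(a) != wtxid(b)}

if __name__ == "__main__":
    print(compare())
```

With the signature inside the input script (legacy layout) the ID follows the signature bytes; with the signature in the witness, only the separate witness hash changes.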
Other Benefits of Segregated Witness
Segregated Witness does not only fix transaction malleability issues, but it also has other benefits such as:
Data capacity increase.
In a traditional bitcoin transaction, digital signatures and witness data make up more than 65% of each block. When SegWit is implemented on a bitcoin transaction it moves this witness data to an extended block, which means it frees space in the base transaction block of 1 MB to add more transactions per second. Amazingly, SegWit does this without breaking any of the existing consensus rules – including the block size limit.
On average, it takes 10 minutes to mine one bitcoin. Although SegWit does not decrease the mining time, it essentially allows more transactions to be added into a block. SegWit transactions take a shorter confirmation time compared to traditional bitcoin transactions.
Reduced transaction fees.
SegWit transactions are light compared to traditional bitcoin transactions. This means miners can include several SegWit transactions in one block. Consequently, they charge a lower fee.
Allows Layer 2 protocol developments.
Layer 2 refers to a secondary framework or protocol that is built on top of an existing blockchain system. The most renowned layer 2 protocol on the bitcoin blockchain is the Lightning Network, and for it to be effective at scaling bitcoin, there needs to be assurance that a transaction cannot be tampered with. Accordingly, the Lightning Network implementation goes hand in hand with SegWit.
How do you know that you are using SegWit?
The bitcoin community is adapting to SegWit; literally, 50% of the transactions confirmed by miners each day are SegWit transactions. SegWit addresses are different from traditional or legacy bitcoin addresses; they begin with a 3 or bc1. The latter is for the Native SegWit and the former is for P2SH nested SegWit.
It is important to note that SegWit addresses are backward compatible; you can transfer your BTC from a traditional bitcoin address to a SegWit address as a normal BTC transfer.
Using Segregated Witness is optional; however, transactions that don’t use SegWit are still susceptible to transaction malleability. I believe that in the future we will see mass adoption of SegWit because there are more developments, especially in second layer protocols that are designed to work in code with SegWit.