From: "David A. Harding" <dave@dtrt•org>
To: Peter Todd <pete@petertodd•org>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Why Full-RBF Makes DoS Attacks on Multiparty Protocols Significantly More Expensive
Date: Tue, 10 Jan 2023 10:14:47 -1000 [thread overview]
Message-ID: <6cebd312ca960e634729cc574c2e97b0@dtrt.org> (raw)
In-Reply-To: <Y704non5DD5mtxs1@petertodd.org>
On 2023-01-10 00:06, Peter Todd wrote:
> Remember, we'd like decentralized coinjoin implementations like
> Joinmarket to
> work. How does a decentralized coinjoin implement "conflict
> monitoring"?
1. Run a relay node with a conflict-detection patch. Stock Bitcoin Core
with -debug=mempoolrej will tell you when it rejects a transaction
for conflicting with a transaction already in the mempool, e.g.:
2022-11-01T02:53:17Z
867b85d68d7a7244c1d65c4797006b56973110ac243ab5ee15a8c4d220060c58 from
peer=58 was not accepted: txn-mempool-conflict
I think it would be easy to extend this facility to list the inputs
which conflicted. So if Alice sees a conflict created by Mallory,
she can create a new coinjoin transaction without Mallory. This
method has the advantage of being fast and attributing fault,
although it does require Alice's node be online at the time Mallory's
conflict is propagated.
2. Simply assume a conflict exists for otherwise unexplainable failures.
For example, if Alice sees several new blocks whose bottom feerates
are well below the feerates of an unconfirmed coinjoin transaction
that Alice helped create and broadcast, she can assume it's a
conflict that is preventing preventing confirmation of the coinjoin.
She can find an entirely different set of collaborators and create a
non-conflicting transaction without ever needing to know which inputs
from the original transaction conflicted. This method has the
disadvantage of being slow (on the order of hours) and not
attributing
fault, although it doesn't require Alice has any information beyond
copies
of recent blocks.
I didn't list these methods or others before because the specific method
used to
detect conflicts doesn't matter to the realization that software which
uses conflict detection and evasion to defeat the $17.00 attack also
defeats the $0.05 attack without any need for full-RBF.
-Dave
next prev parent reply other threads:[~2023-01-10 20:14 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-09 22:18 Peter Todd
2023-01-10 7:11 ` David A. Harding
2023-01-10 8:47 ` Peter Todd
2023-01-10 10:02 ` David A. Harding
2023-01-10 10:06 ` Peter Todd
2023-01-10 20:14 ` David A. Harding [this message]
2023-01-13 23:37 ` Peter Todd
2023-01-10 9:19 ` alicexbt
2023-01-10 10:03 ` Peter Todd
2023-01-10 17:10 ` alicexbt
2023-01-13 23:46 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6cebd312ca960e634729cc574c2e97b0@dtrt.org \
--to=dave@dtrt$(echo .)org \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=pete@petertodd$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox