Re: [Bitcoin-development] alternate proposal opt-in miner takes double-spend (Re: replace-by-fee v0.10.0rc4)

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Natanael <natanael.l@gmail•com>
To: Peter Todd <pete@petertodd•org>
Cc: bitcoin-development@lists•sourceforge.net
Subject: Re: [Bitcoin-development] alternate proposal opt-in miner takes double-spend (Re: replace-by-fee v0.10.0rc4)
Date: Sun, 22 Feb 2015 15:44:30 +0100	[thread overview]
Message-ID: <CAAt2M191ZnfofpJejNV_4uNaAVDyV89_+Zu5z7MT8sOhp7PQ7w@mail.gmail.com> (raw)
In-Reply-To: <CAAt2M18fPgYOsfdebmU1Tk6ATnndPBn0k2PN-4fUJs1iTBTqnQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2788 bytes --]

Den 22 feb 2015 14:29 skrev "Natanael" <natanael.l@gmail•com>:
>
>
> Den 22 feb 2015 13:36 skrev "Peter Todd" <pete@petertodd•org>:
>
> > Implementing it as a general purpose scripting language improvement has
> > a lot of advantages, not least of which is that you no longer need to
> > rely entirely on inherently unreliable P2P networking: Promise to never
> > create two signatures for a specific BIP32 root pubkey and make
> > violating that promise destroy and/or reallocate a fidelity bond whose
> > value is locked until some time into the future. Since the fidelity bond
> > is a separate pool of funds, detection of the double-spend can happen
> > later.
>
> Somebody sent me a zero-confirmation transaction, or one that got
orphaned after one block. I created a transaction spending that UTXO, and
another.
>
> So at that point I have UTXO_orphaned based on the sender's UTXO_origin
and my UTXO_old (because I've had it unspent for a long time), both in one
transaction, creating UTXO_new.
>
> Now he doublespend UTXO_origin to create a UTXO_doublespend (which
conflicts with UTXO_orphaned). He conspires with a miner to get it into a
block.
>
> Now what? Can my UTXO_old effectively be tainted forever because UTXO_new
got invalidated together with UTXO_orphaned? Will that transaction be a
valid proof of doublespend against a new UTXO_replacement I created?
>
> Or otherwise, if only transactions where all UTXO's are currently valid
works as doublespend proofs, aren't you still just left without protection
against any one miner that conspires with doublespend attempting thieves?
>
> In other words, you are unprotected and potentially at greater risk if
you create a transaction depending on another zero-confirmation transaction.

Additional comments:

If you punish the creation of UTXO_replacement, you will punish people who
was lead to think zero-confirmation transactions were safe and thus that
chains of zero-confirmation transactions also were safe.

If you don't, but STILL accept chains of zero-confirmation transactions
were not all of them are covered by fidelity bonds, then you failed to
protect yourself against thieves who creates chains of unconfirmed
transactions.

Another question: if all transactions in the chain are covered by fidelity
bonds for their own value, which one pays out to who? Does only the first
one pay out, and only to the last party in the chain? Or to every
subsequent party after him? In full or just a fraction? Why, why not? You
might not know which of these serviced their customers in full without
getting full value back in exchange due to the doublespend.

What if the fidelity bond is too small, do you stop accepting it as a
zero-confirmation transaction?

Do you even accept chains of unconfirmed transactions at all?

[-- Attachment #2: Type: text/html, Size: 3267 bytes --]

next prev parent reply	other threads:[~2015-02-22 14:44 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-22  8:02 Adam Back
2015-02-22 12:34 ` Peter Todd
2015-02-22 13:29   ` Natanael
2015-02-22 13:50     ` Matt Whitlock
2015-02-22 14:07       ` Peter Todd
2015-02-22 16:00       ` Justus Ranvier
2015-02-22 16:17         ` Natanael
2015-02-22 16:25           ` Justus Ranvier
2015-02-22 16:36             ` Natanael
2015-02-23 11:03       ` Mike Hearn
2015-02-22 14:44     ` Natanael [this message]
2015-02-22 14:11   ` Adam Back
2015-02-22 14:25     ` Bryan Bishop
2015-02-22 14:33     ` Peter Todd
2015-02-22 15:18       ` joliver
2015-02-22 15:41         ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAt2M191ZnfofpJejNV_4uNaAVDyV89_+Zu5z7MT8sOhp7PQ7w@mail.gmail.com \
    --to=natanael.l@gmail$(echo .)com \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    --cc=pete@petertodd$(echo .)org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox