public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Greg Sanders <gsanders87@gmail•com>
To: Peter Todd <pete@petertodd•org>,
	 Bitcoin Protocol Discussion
	<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Playing with full-rbf peers for fun and L2s security
Date: Mon, 27 Jun 2022 08:03:38 -0400	[thread overview]
Message-ID: <CAB3F3DtwX=nkcYPDHxFygEMZafhD3m+XuKc+BKuhwFs0J4VNUA@mail.gmail.com> (raw)
In-Reply-To: <Yrj9N7k8osWsxhY4@petertodd.org>

[-- Attachment #1: Type: text/plain, Size: 2059 bytes --]

One key difference seems to be that properly punishing someone based on
mempool behavior seems much more difficult. As we all know there is no "the
mempool".



On Sun, Jun 26, 2022, 8:43 PM Peter Todd via bitcoin-dev <
bitcoin-dev@lists•linuxfoundation.org> wrote:

> On Sun, Jun 26, 2022 at 04:40:24PM +0000, alicexbt via bitcoin-dev wrote:
> > Hi Antoine,
> >
> > Thanks for sharing the DoS attack example with alternatives.
> >
> > > - Caroll broadcasts a double-spend of her own input C, the
> double-spend is attached with a low-fee (1sat/vb) and it does _not_ signal
> opt-in RBF
> > > - Alice broadcasts the multi-party transaction, it is rejected by the
> network mempools because Alice double-spend is already present
> >
> > I think this affects almost all types of coinjoin transaction including
> coordinator based implementations. I tried a few things and have already
> reported details for an example DoS attack to one of the team but there is
> no response yet.
> >
> > It was fun playing with RBF, DoS and Coinjoin. Affected projects should
> share their opinion about full-rbf as it seems it might improve things.
> >
> > Example:
> >
> > In Wasabi an attacker can broadcast a transaction spending input used in
> coinjoin after sending signature in the round. This would result in a
> coinjoin tx which never gets relayed:
> https://nitter.net/1440000bytes/status/1540727534093905920
>
> Note that Wasabi already has a DoS attack vector in that a participant can
> stop
> participating after the first phase of the round, with the result that the
> coinjoin fails. Wasabi mitigates that by punishing participating in future
> rounds. Double-spends only create additional types of DoS attack that need
> to
> be detected and punished as well - they don't create a fundamentally new
> vulerability.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists•linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

[-- Attachment #2: Type: text/html, Size: 3106 bytes --]

  reply	other threads:[~2022-06-27 12:03 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-14  0:25 Antoine Riard
2022-06-15  2:27 ` Peter Todd
2022-06-15  2:53   ` Luke Dashjr
2022-06-15  3:18     ` Peter Todd
2022-06-16  0:16 ` alicexbt
2022-06-16  1:02   ` Greg Sanders
2022-06-16  1:45     ` alicexbt
2022-06-16  5:43       ` linuxfoundation.cndm1
2022-06-16 12:47         ` alicexbt
2022-06-16 13:24       ` Greg Sanders
     [not found] ` <gmDNbfrrvaZL4akV2DFwCuKrls9SScQjqxeRoEorEiYlv24dPt1j583iOtcB2lFrxZc59N3kp7T9KIM4ycl4QOmGBfDOUmO-BVHsttvtvDc=@protonmail.com>
2022-06-17  1:34   ` Antoine Riard
2022-06-17  4:54     ` alicexbt
2022-06-19 10:42       ` Peter Todd
2022-06-21 23:43       ` Antoine Riard
2022-06-26 16:40         ` alicexbt
2022-06-27  0:43           ` Peter Todd
2022-06-27 12:03             ` Greg Sanders [this message]
2022-06-27 13:46               ` Peter Todd
2022-07-05 20:46             ` alicexbt
2022-07-08 14:53               ` Peter Todd
2022-07-08 15:09                 ` Greg Sanders
2022-07-08 19:44                 ` alicexbt
2022-07-09 15:06                 ` Antoine Riard
2022-06-20 23:49 ` Peter Todd
2022-06-21 23:45   ` Antoine Riard
2022-06-23 19:13     ` Peter Todd
2022-08-24  1:56       ` Antoine Riard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAB3F3DtwX=nkcYPDHxFygEMZafhD3m+XuKc+BKuhwFs0J4VNUA@mail.gmail.com' \
    --to=gsanders87@gmail$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=pete@petertodd$(echo .)org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox