Re: [bitcoin-dev] A proposal for Full RBF to not exclude Zero Conf use case

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Daniel Lipshitz <daniel@gap600•com>
To: Peter Todd <pete@petertodd•org>
Cc: bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org>,
	John Carvalho <john@synonym•to>
Subject: Re: [bitcoin-dev] A proposal for Full RBF to not exclude Zero Conf use case
Date: Sat, 14 Jan 2023 22:15:30 +0200	[thread overview]
Message-ID: <CACkWPs_Nqm1663c1q8xHX=A0Gpa7m1kV_QX6t0s8uPOEh3WQLA@mail.gmail.com> (raw)
In-Reply-To: <Y8HvCbBd5+pm8Uj2@petertodd.org>

[-- Attachment #1: Type: text/plain, Size: 4197 bytes --]

On Sat, Jan 14, 2023 at 1:53 AM Peter Todd <pete@petertodd•org> wrote:

> On Sun, Dec 18, 2022 at 10:06:15AM +0200, Daniel Lipshitz wrote:
> > GAP600 is not a trxs processor or liquidity provider we service
> merchants,
> > payment processors & non-custodial liquidity providers - our service is
> > purely the 0-conf enabling our clients to accept 0-conf. Clients access
> our
> > service via API - sending us the Trx hash & output address. Our service
> is
> > not based on AML/KYC it is purely an analysis of the Bitcoin network.
>
> I checked and to sign up for your service, you ask for the name, phone
> number,
> email, and company name.
>
> That is an example of AML/KYC. By learning the tx hash and output address,
> you
> learn which addresses are associated with what real world entity is paying
> for
> your service. You learning that information for what you claim is ~10% of
> all
> transactions is a significant privacy concern. On that basiss alone, I
> would
> argue that full-rbf should be implemented specifically to destroy your
> business
> and stop the collection of that data.
>
> We have standard commercial information about the payment processors, non
custodial liquidity providers and merchants which become our clients - we
do not have any kyc/aml information or telephone number on who is sending
our clients the bitcoin for deposit.  For us these are just bitcoin Trx
which our clients choose to benefit from 0-conf deposit recognition. Our
service is provided via API with the only information our clients share
with us, regarding a specific bitcoin transaction, being public bitcoin
information like trx hash and output address.

> I am not at liberty to share names of other services which have developed
> > their own 0-conf service - they include a payment processor on a gambling
> > platform which services multiple gambling operators, a standalone gaming
> > payment processor, and a payment processor recently I have come across.
> We
> > also do not have a significant presence in Asia - so I don't have
> > visibility there.
>
> No, I asked you for information on what companies are actually using *your*
> service. You claim to be involved with a huge % of all transactions. If
> that is
> in fact true, obviously it shouldn't be hard to provide some examples of
> merchants using GAP600 to accept unconfirmed txs.
>

As already posted here
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-December/021240.html
Max CEO from Coinspaid who has provided Cpoinspaid address clusters, see
link, is available to discuss further and may choose to share further
information on the merchants they support.

>
> > I don't see it being necessarily an either/or approach here. The risk
> > looking to be mitigated with FullRBF seems to be able to be mitigated
> with
> > FullRBF but with a swop limitation of at least the Inputs of Trx1 being
> in
> > Trx2 - no flagging required. Added to this all these trxs always have the
> > OptinRBF so if these platforms need to be able to recreate completely
> their
> > trxs they have that option as well. The option to Swop out or bump up
> trxs
> > seems to be well covered under those two options.
>
> You are not correct. One of the most important use-cases for full-rbf is
> multi-party transactions; adding that limitation to full-rbf negates that
> usecase. See my post on why full-rbf makes DoS attacks on multiparty
> protocols
> significantly more expensive:
>
>
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-January/021322.html


I also note that there is ongoing debate as to the need for full RBF see
here
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-January/021331.html
.

This seems to be an extreme edge case - with Opt-in RBF, FSS Full RBF and
common sense - offering enough coverage to mitigate.

0-conf although may not be liked by some actors in Bitcoin, is engaged with
free choice and understanding of the risks. 0-conf is a long standing and
significant use case which should not be ignored. 0-conf demise should be
viewed as being a major and unnecessary cost to FullRBF as currently
implemented.

> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
>

[-- Attachment #2: Type: text/html, Size: 5814 bytes --]

next prev parent reply	other threads:[~2023-01-14 20:15 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-11 20:24 Daniel Lipshitz
2022-12-13  4:20 ` Yuval Kogman
2022-12-13  8:08   ` Daniel Lipshitz
2022-12-13  9:59     ` John Carvalho
2022-12-13 11:33       ` Daniel Lipshitz
2022-12-13 14:00         ` Lucas Ontivero
2022-12-13 14:08           ` Daniel Lipshitz
2022-12-13 21:41         ` Peter Todd
2022-12-13 21:58           ` Daniel Lipshitz
2022-12-16 21:14             ` Peter Todd
2022-12-18  8:06               ` Daniel Lipshitz
2023-01-13 23:53                 ` Peter Todd
2023-01-14 20:15                   ` Daniel Lipshitz [this message]
2023-01-16 10:19                     ` Daniel Lipshitz
2023-01-17 17:07                       ` Erik Aronesty
2023-01-17 17:27                         ` Daniel Lipshitz
2023-02-04 16:27                     ` Peter Todd
2023-02-06 12:08                       ` Daniel Lipshitz
2022-12-14  8:12       ` Daniel Lipshitz
2022-12-14 17:41         ` Erik Aronesty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CACkWPs_Nqm1663c1q8xHX=A0Gpa7m1kV_QX6t0s8uPOEh3WQLA@mail.gmail.com' \
    --to=daniel@gap600$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=john@synonym$(echo .)to \
    --cc=pete@petertodd$(echo .)org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox