From: Jeremy <jlrubin@mit•edu>
To: "David A. Harding" <dave@dtrt•org>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] A Replacement for RBF and CPFP: Non-Destructive TXID Dependencies for Fee Sponsoring
Date: Sat, 19 Sep 2020 09:30:56 -0700 [thread overview]
Message-ID: <CAD5xwhjZt25Bx+0MqfuY4OLJRWYmKZrfof86pPUAfJRDDsBQWA@mail.gmail.com> (raw)
In-Reply-To: <20200919133716.d5ofags2tprlvpqm@ganymede>
[-- Attachment #1: Type: text/plain, Size: 1925 bytes --]
Hi David!
Thanks for taking a look, and great question.
> Is this in the reference implementation?
It is indeed in the reference implementation. Please see
https://github.com/bitcoin/bitcoin/compare/master...JeremyRubin:subsidy-tx#diff-24efdb00bfbe56b140fb006b562cc70bR741-R743
There is no requirement that there be any input in common, just that the
sponsor vectors are identical (keep in mind that we limit our sponsor
vector by policy to 1 element, because, as you rightfully point out,
multiple sponsors is more complex to implement).
> In the second case, I think Mallory can use an existing pinning
> technique to make it expensive for Bob to fee bump. The normal
> replacement policies require a replacement to pay an absolute higher fee
> than the original transaction, so Mallory can create a 100,000 vbyte
> transaction with a single-vector sponsor at the end pointing to Bob's
> transaction. This sponsor transaction pays the same feerate as Bob's
> transaction---let's say 50 nBTC/vbyte, so 5 mBTC total fee. In order
> for Bob to replace Mallory's sponsor transaction with his own sponsor
> transaction, Bob needs to pay the incremental relay feerate (10
> nBTC/vbyte) more, so 6 mBTC total ($66 at $11k/BTC).
Yup, I was aware of this limitation but I'm not sure how practical it is as
an attack because it's quite expensive for the attacker. But there are a
few simple policies that can eliminate it:
1) A Sponsoring TX never needs to be more than, say, 2 inputs and 2
outputs. Restricting this via policy would help, or more flexibly limiting
the total size of a sponsoring paying transaction to 1000 bytes.
2) Make A Sponsoring TX not need to pay more absolute fee, just needs to
increase the feerate (perhaps with a constant relay fee bump to prevent
spam).
I think 1) is simpler and should allow full use of the sponsor mechanism
while preventing this class of issue mostly.
What do you think?
[-- Attachment #2: Type: text/html, Size: 4668 bytes --]
next prev parent reply other threads:[~2020-09-19 16:31 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-19 0:51 Jeremy
2020-09-19 1:39 ` Cory Fields
2020-09-19 16:16 ` Jeremy
2020-09-19 13:37 ` David A. Harding
2020-09-19 15:01 ` nopara73
2020-09-19 16:30 ` Jeremy [this message]
2020-09-19 17:24 ` David A. Harding
2020-09-19 18:39 ` Antoine Riard
2020-09-19 19:13 ` Antoine Riard
2020-09-19 19:46 ` Jeremy
2020-09-20 23:10 ` Antoine Riard
2020-09-21 14:52 ` David A. Harding
2020-09-21 16:27 ` Jeremy
2020-09-21 23:40 ` Antoine Riard
2020-09-22 18:05 ` Suhas Daftuar
2020-09-23 22:10 ` Jeremy
2020-09-24 4:22 ` Dmitry Petukhov
2020-09-22 6:24 ArmchairCryptologist
2020-09-22 13:52 ` Antoine Riard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAD5xwhjZt25Bx+0MqfuY4OLJRWYmKZrfof86pPUAfJRDDsBQWA@mail.gmail.com \
--to=jlrubin@mit$(echo .)edu \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=dave@dtrt$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox