Thanks for the Summary Michael!

It seems like fee-sensitive timelocks weren't discussed too much in the
workshop, unless I'm missing something. I also don't see any downside to it
discussed (other than that it needs a soft-fork). It seems like that would
be a great way to substantially increase the resilience of the LN to
temporary periods of fee congestion, even potentially long-running periods
that last weeks. It might even help in non-temporary fee market increases
by giving participants extra time to use some fee-bumping technique to
close or restructure their channels to compensate for the elevated fee
market.

On Thu, Jun 17, 2021 at 1:16 PM Michael Folkson via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> The workshop was previously announced by ariard on the bitcoin-dev
> mailing list here:
>
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-April/018841.html
>
> A reminder was posted to the bitcoin-dev mailing list here:
>
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-June/019068.html
>
> The conversation log for the workshop is here:
> https://gist.github.com/ariard/5f28dffe82ddad763b346a2344092ba4
>
> I’ll summarize what was discussed during the meeting but please refer
> to the L2 zoology repo ariard has set up for background context and
> additional notes: https://github.com/ariard/L2-zoology
>
> General considerations
>
> I think it is worth first reiterating the obvious that there will
> never be perfect security guarantees on network transaction fee rates
> or transaction relay. Network fee rates can in theory go up to
> anything (upper limit of infinity) and will always to some degree be
> inherently unpredictable. In addition transaction acceptance can never
> be guaranteed even if you attempt a direct connection to a miner. At
> the same time L2 protocols (e.g. Lightning and DLCs) elevate
> transaction propagation and inclusion in a time sensitive mined block
> to a security assumption from what used to just be a usability
> assumption (BlueMatt). Within those confines these workshops are
> attempting to strengthen that security assumption knowing that
> guaranteeing it is out of reach.
>
> There are considerations that blocked transaction propagation isn’t
> necessarily a problem for the victim if it is also blocked for the
> attacker. In addition some successful attacks present an opportunity
> for the victim to divert their funds to miner fees (e.g. scorched
> earth) ensuring the attacker doesn’t financially benefit from the
> attack (harding). Personally I would argue neither of these present
> much assurance to the victim. Out of conservatism one should assume
> that the attacker has greater resources than the victim (e.g. a direct
> line to a miner) and knowing a victim’s lost funds went to the miner
> instead of the attacker isn’t of much comfort to the victim (other
> than potentially presenting a disincentive for the attack in the first
> place). This is obviously further complicated if the miner is the
> attacker. In addition any incentive for miners to not mine
> transactions to wait for a potential pay-all-to-fee are troubling
> (t-bast).
>
> New(ish) ideas
>
> RubenSomsen brought up the idea of fee sensitive timelocks, they would
> need a soft fork. ariard briefly discussed the idea of a transaction
> relay overlay network. harding stated his opinion that we should be
> leaning more on miners’ profit incentive rather than attempting to
> normalize mempool policy (e.g.
>
> https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-April/002664.html
> ).
> t-bast raised the prospect of mining pools exposing public APIs to
> push them transactions directly.
>
> The impact of changes to Bitcoin Core on L2 protocols
>
> Some changes to Core (e.g. some privacy improvements) can conflict
> with the goal of minimizing transaction propagation times.
> Chris_Stewart_5 raised the idea of a nightly bitcoind build to give L2
> developers a way to write regression tests against the latest builds
> of bitcoind. He added that L2 devs should write automated regression
> test suites against bitcoind exposed RPC commands. t-bast would like a
> bitcoind “evicttx” RPC to remove a transaction from the mempool on
> regtest.
>
> Full RBF
>
> In advance of the workshop ariard posted to the mailing list a
> proposal for full RBF in a future version of Bitcoin Core:
>
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-June/019074.html
>
> Progress in this direction has been attempted in the past (e.g.
> https://github.com/bitcoin/bitcoin/pull/10823) BlueMatt pointed out
> that even with full RBF it is trivial to create mempool partitions. As
> long as RBF has a fee rate increase minimum an attacker can trivially
> split the mempool by broadcasting two conflicting transactions with
> the same fee.
>
> ariard plans to contact businesses (e.g. Lightning onboarding services
> relying on zero confirmations) to check that this possible eventual
> move to full RBF doesn’t present a problem for them. There could well
> be engineering work required in advance of the possible change being
> made.
>
> Next week’s meeting
>
> Next week’s meeting (Tuesday 22nd June, 19:00 UTC,
> #l2-onchain-support, Libera) will be on fee bumping and package relay
> that glozow has recently been working to advance in Bitcoin Core.
>
> --
> Michael Folkson
> Email: michaelfolkson@gmail.com
> Keybase: michaelfolkson
> PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>