From: Jeff Garzik <jgarzik@bitpay•com>
To: Chun Wang <1240902@gmail•com>
Cc: bitcoin-development <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] F2Pool has enabled full replace-by-fee
Date: Fri, 19 Jun 2015 08:43:25 -0700 [thread overview]
Message-ID: <CAJHLa0M-u=x-TN-1G8PPzDy=uSxGwhbgMEzK_DCfAfOkfsA-AQ@mail.gmail.com> (raw)
In-Reply-To: <CAFzgq-zbcARe4ePj_3wA9mEzKE3PsGQ3Kb0-ALyTk054uzrrTA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 7511 bytes --]
Yes, FSS RBF is far better.
On Fri, Jun 19, 2015 at 6:52 AM, Chun Wang <1240902@gmail•com> wrote:
> Before F2Pool's launch, I performed probably the only successful
> bitcoin double spend in the March 2013 fork without any mining power.
> [ https://bitcointalk.org/index.php?topic=152348.0 ] I know how bad
> the full RBF is. We are going to switch to FSS RBF in a few hours.
> Sorry.
>
> On Fri, Jun 19, 2015 at 9:44 PM, Peter Todd <pete@petertodd•org> wrote:
> > On Fri, Jun 19, 2015 at 09:33:05AM -0400, Stephen Morse wrote:
> >> It is disappointing that F2Pool would enable full RBF when the safe
> >> alternative, first-seen-safe RBF, is also available, especially since
> the
> >> fees they would gain by supporting full RBF over FSS RBF would likely be
> >> negligible. Did they consider using FSS RBF instead?
> >
> > Specifically the following is what I told them:
> >
> >> We are
> >> interested in the replace-by-fee patch, but I am not following the
> >> development closely, more background info is needed, like what the
> >> difference between standard and zeroconf versions? Thanks.
> >
> > Great!
> >
> > Basically both let you replace one transaction with another that pays a
> > higher fee. First-seen-safe replace-by-fee adds the additional criteria
> > that all outputs of the old transaction still need to be paid by the new
> > transaction, with >= as many Bitcoins. Basically, it makes sure that if
> > someone was paid by tx1, then tx2 will still pay them.
> >
> > I've written about how wallets can use RBF and FSS-RBF to more
> > efficiently use the blockchain on the bitcoin-development mailing list:
> >
> >
> http://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg07813.html
> >
> http://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg07829.html
> >
> > Basically, for the purpose of increasing fees, RBF is something like %50
> > cheaper than CPFP, and FSS-RBF is something like %25 cheaper.
> >
> > In addition, for ease of implementation, my new FSS-RBF has a number of
> > other restrictions. For instance, you can't replace multiple
> > transactions with one, you can't replace a transaction whose outputs
> > have already been spent, you can't replace a transaction with one that
> > spends additional unconfirmed inputs, etc. These restrictions aren't
> > "set in stone", but they do make the code simpler and less likely to
> > have bugs.
> >
> > In comparison my previous standard RBF patch can replace multiple
> > transactions with one, can replace long chains of transactions, etc.
> > It's willing to do more computation before deciding if a transaction
> > should be replaced, with more complex logic; it probably has a higher
> > chance of having a bug or DoS attack.
> >
> > You've probably seen the huge controversy around zeroconf with regard to
> > standard replace-by-fee. While FSS RBF doesn't make zeroconf any safer,
> > it also doesn't make it any more dangerous, so politically with regard
> > to zeroconf it makes no difference. You *can* still use it doublespend
> > by taking advantage of how different transactions are accepted
> > differently, but that's true of *every* change we've ever made to
> > Bitcoin Core - by upgrading to v0.10 from v0.9 you've also "broken"
> > zeroconf in the same way.
> >
> >
> > Having said that... honestly, zeroconf is pretty broken already. Only
> > with pretty heroic measures like connecting to a significant fraction of
> > the Bitcoin network at once, as well as connecting to getblocktemplate
> > supporting miners to figure out what transactions are being mined, are
> > services having any hope of avoiding getting ripped off. For the average
> > user their wallets do a terrible job of showing whether or not an
> > unconfirmed transaction will go through. For example, Schildbach's
> > Bitcoin wallet for Android has no code at all to detect double-spends
> > until they get mined, and I've been able to trick it into showing
> > completely invalid transactions. In fact, currently Bitcoin XT will
> > relay invalid transactions that are doublepsends, and Schildbach's
> > wallet displays them as valid, unconfirmed, payments. It's really no
> > surprise to me that nearly no-one in the Bitcoin ecosystem accepts
> > unconfirmed transactions without some kind of protection that doesn't
> > rely on first-seen-safe mempool behavior. For instance, many ATM's these
> > days know who their customers are due to AML requirements, so while you
> > can deposit Bitcoins and get your funds instantly, the protection for
> > the ATM operator is that they can go to the police if you rip them off;
> > I've spoken to ATM operators who didn't do this who've lost hundreds or
> > even thousands of dollars before giving up on zeroconf.
> >
> > My big worry with zeroconf is a service like Coinbase or Shapeshift
> > coming to rely on it, and then attempting to secure it by gaining
> > control of a majority of hashing power. For instance, if Coinbase had
> > contracts with 80% of the Bitcoin hashing power to guarantee their
> > transactions would get mined, but 20% of the hashing power didn't sign
> > up, then the only way to guarantee their transactions could be for the
> > 80% to not build on blocks containing doublespends by the 20%. There's
> > no way in a decentralized network to come to consensus about what
> > transactions are or are not valid without mining itself, so you could
> > end up in a situation where unless you're part of one of the big pools
> > you can't reliably mine at all because your blocks may get rejected for
> > containing doublespends.
> >
> > One of my goal with standard replace-by-fee is to prevent this scenario
> > by forcing merchants and others to implement ways of accepting zeroconf
> > transactions safely that work in a decentralized environment regardless
> > of what miners do; we have a stronger and safer Bitcoin ecosystem if
> > we're relying on math rather than trust to secure our zeroconf
> > transactions. We're also being more honest to users, who right now often
> > have the very wrong impression that unconfirmed transactions are safe to
> > accept - this does get people ripped off all too often!
> >
> >
> > Anyway, sorry for the rant! FWIW I updated my FSS-RBF patch and am
> > waiting to get some feedback:
> >
> > https://github.com/bitcoin/bitcoin/pull/6176
> >
> > Suhas Daftuar did find a pretty serious bug in it, now fixed. I'm
> > working on porting it to v0.10.2, and once that's done I'm going to put
> > up a bounty for anyone who can find a DoS attack in the patch. If no-one
> > claims the bounty after a week or two I think I'll start feeling
> > confident about using it in production.
> >
> >
> > --
> > 'peter'[:-1]@petertodd.org
> > 000000000000000003188926be14e5fbe2f8f9c63c9fb8e2ba4b14ab04f1c9ab
> >
> >
> ------------------------------------------------------------------------------
> >
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development@lists•sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> >
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
--
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc. https://bitpay.com/
[-- Attachment #2: Type: text/html, Size: 9894 bytes --]
next prev parent reply other threads:[~2015-06-19 15:43 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-19 10:39 Peter Todd
2015-06-19 13:33 ` Gavin Andresen
2015-06-19 13:52 ` Peter Todd
2015-06-19 14:00 ` Adrian Macneil
2015-06-19 14:08 ` Peter Todd
2015-06-19 14:30 ` Adrian Macneil
2015-06-19 14:59 ` Peter Todd
2015-06-19 15:20 ` Adrian Macneil
2015-06-19 15:40 ` Peter Todd
2015-06-19 16:18 ` Adrian Macneil
2015-06-19 16:37 ` Peter Todd
2015-06-19 20:39 ` Matt Whitlock
2015-06-19 21:05 ` Frank Flores
2015-06-19 21:15 ` Jeff Garzik
2015-06-20 0:47 ` Andreas Petersson
2015-06-20 1:09 ` Mark Friedenbach
2015-06-20 1:23 ` Aaron Voisine
2015-06-20 3:07 ` Eric Lombrozo
2015-06-20 3:48 ` Luke Dashjr
2015-06-20 4:02 ` Eric Lombrozo
2015-06-20 16:43 ` Ivan Brightly
2015-06-20 17:38 ` Cameron Hejazi
2015-06-19 14:40 ` Chun Wang
2015-06-19 15:22 ` Adrian Macneil
2015-06-19 13:33 ` Stephen Morse
2015-06-19 13:37 ` Chun Wang
2015-06-19 13:48 ` Peter Todd
2015-06-19 14:16 ` Lawrence Nahum
2015-06-19 13:40 ` Adrian Macneil
2015-06-19 13:44 ` Peter Todd
2015-06-19 13:52 ` Chun Wang
2015-06-19 15:43 ` Jeff Garzik [this message]
2015-06-19 19:49 ` Jeffrey Paul
2015-06-19 15:42 ` Jeff Garzik
2015-06-19 16:15 ` Peter Todd
2015-06-19 15:00 ` justusranvier
2015-06-19 15:11 ` Peter Todd
2015-06-19 15:37 ` Eric Lombrozo
2015-06-19 15:53 ` justusranvier
2015-06-19 16:36 ` Matt Whitlock
2015-06-19 16:42 ` Eric Lombrozo
2015-06-19 16:46 ` Matt Whitlock
2015-06-19 16:53 ` Peter Todd
2015-06-19 16:54 ` justusranvier
2015-06-19 17:00 ` Tier Nolan
2015-06-20 23:20 ` Jorge Timón
2015-06-20 23:37 ` justusranvier
2015-06-21 0:19 ` Eric Lombrozo
2015-06-21 0:27 ` justusranvier
2015-06-21 0:36 ` Eric Lombrozo
2015-06-21 0:54 ` Eric Lombrozo
2015-06-21 5:56 ` Tom Harding
2015-06-21 6:45 ` Jeff Garzik
2015-06-21 7:42 ` Eric Lombrozo
2015-06-21 8:35 ` Eric Lombrozo
2015-06-21 8:41 ` Btc Drak
2015-06-21 8:51 ` Eric Lombrozo
2015-06-21 19:49 ` Jeff Garzik
2015-06-21 18:23 ` Aaron Voisine
2015-06-19 16:44 ` justusranvier
2015-06-19 17:40 ` Jeff Garzik
2015-06-19 17:48 ` justusranvier
2015-06-19 17:50 ` Jeff Garzik
2015-06-19 18:00 ` justusranvier
2015-06-19 16:50 ` Milly Bitcoin
2015-06-19 16:41 ` [Bitcoin-development] Remove Us Please Gigas Gaming Inc.
2015-06-19 18:34 ` Jameson Lopp
2015-06-19 19:55 ` John Bodeen
2015-06-19 20:01 ` Brian Hoffman
2015-06-19 20:27 ` Jameson Lopp
2015-06-20 23:16 ` [Bitcoin-development] F2Pool has enabled full replace-by-fee Jorge Timón
2015-06-20 23:47 ` Eric Lombrozo
2015-06-20 23:52 ` Eric Lombrozo
2015-06-20 23:56 ` Eric Lombrozo
2015-06-19 15:39 ` justusranvier
2015-06-19 15:39 ` Jeff Garzik
2015-06-20 20:04 ` odinn
2015-06-21 2:11 ` Dario Sneidermanis
2015-06-21 2:23 ` Dario Sneidermanis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJHLa0M-u=x-TN-1G8PPzDy=uSxGwhbgMEzK_DCfAfOkfsA-AQ@mail.gmail.com' \
--to=jgarzik@bitpay$(echo .)com \
--cc=1240902@gmail$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox