From: Antoine Riard <antoine.riard@gmail•com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: [bitcoin-dev] Playing with full-rbf peers for fun and L2s security
Date: Mon, 13 Jun 2022 20:25:11 -0400 [thread overview]
Message-ID: <CALZpt+GOh-7weEypT9JrzcwthZJqHOfj7sf9FMuqi5_FZv0g7w@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 3706 bytes --]
Hi list,
Recent discussions among LN devs have brought back on the surface concerns
about the security of multi-party funded transactions (coinjoins,
dual-funded LN channels, on-chain DLCs, ...). It turns out there is a
low-fruit, naive DoS vector playable against the funding flow of any such
construction due to the lack of existent full-rbf transaction-relay
topology on today's p2p network [0] [1]. While it does not consist in a
direct loss of funds, if exploited well I think it's annoying enough to
inflict significant timevalue loss or fee-bumping waste
to the future providers or distributed swarm of users doing multi-party
funded transactions. Of course, it can be fixed one layer above by
introducing either fidelity bonds or a reliable centralized coordinator,
though at the price of an overhead per-participant ressources cost and loss
in system openness [1].
For that reason, I believe it would be beneficial to the flourishing of
multi-party funded transactions to fix the Dos vector by seeing a subset of
the network running full-rbf and enabling propagation of honest multi-party
transactions to the interested miners, replacing potential non-signaling
double-spend from a malicious counterparty. Moving towards that direction,
I've submitted a small patch against Bitcoin Core enabling it to turn on
full-rbf as a policy, still under review [3]. The default setting stays
**false**, i.e keeping opt-in RBF as a default replacement policy. I've
started to run the patch on a public node at 146.190.224.15.
If you're a node operator curious to play with full-rbf, feel free to
connect to this node or spawn up a toy, public node yourself. There is a
##uafrbf libera chat if you would like information on the settings or
looking for full-rbf friends (though that step could be automated in the
future by setting up a dedicated network bit and reserving a few outbound
slots for them).
If you're a mining operator looking to increase your income, you might be
interested to experiment with full-rbf as a policy. Indeed, in the future I
believe the multi-party transactions issuers who need full-rbf to secure
their funding flow should connect by default to full-rbf peers. One can
conjecture that their transactions are likely to be more compelling in
their feerate as their liquidity needs are higher than the simple
transaction. For today, I think we have really few standards and bitcoin
softwares relying on multi-party funded transactions [4].
If you're a Bitcoin user or business and you don't like full-rbf, please
express an opinion on how it might affect your software/operations. I'm
always interested to learn more about mempool and transaction-relay
interactions with upper-layers and applications and to listen to feedback
in those areas, and I guess a lot of other Bitcoin researchers/devs too. I
know there have been a lot of concerns about full-rbf in the past, however
I believe the Bitcoin ecosystem has matured a lot since then.
Any mistakes or missing context is my own.
Cheers,
Antoine
[0] For more info about replace-by-fee, see
https://bitcoinops.org/en/topics/replace-by-fee/
[1] For more details about the DoS vector, see
https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-May/003033.html
[2] E.g I think it does not affect the Lightning Pool service, as there is
a preliminary step where the participant funds are locked first in a 2-of-2
with the coordinator before being committed in the multi-party batch
transaction.
[3] https://github.com/bitcoin/bitcoin/pull/25353
[4] E.g DLCs :
https://github.com/discreetlogcontracts/dlcspecs/blob/master/Transactions.md
; Lightning dual-funded channel :
https://github.com/lightning/bolts/pull/851
[-- Attachment #2: Type: text/html, Size: 4212 bytes --]
next reply other threads:[~2022-06-14 0:25 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-14 0:25 Antoine Riard [this message]
2022-06-15 2:27 ` Peter Todd
2022-06-15 2:53 ` Luke Dashjr
2022-06-15 3:18 ` Peter Todd
2022-06-16 0:16 ` alicexbt
2022-06-16 1:02 ` Greg Sanders
2022-06-16 1:45 ` alicexbt
2022-06-16 5:43 ` linuxfoundation.cndm1
2022-06-16 12:47 ` alicexbt
2022-06-16 13:24 ` Greg Sanders
[not found] ` <gmDNbfrrvaZL4akV2DFwCuKrls9SScQjqxeRoEorEiYlv24dPt1j583iOtcB2lFrxZc59N3kp7T9KIM4ycl4QOmGBfDOUmO-BVHsttvtvDc=@protonmail.com>
2022-06-17 1:34 ` Antoine Riard
2022-06-17 4:54 ` alicexbt
2022-06-19 10:42 ` Peter Todd
2022-06-21 23:43 ` Antoine Riard
2022-06-26 16:40 ` alicexbt
2022-06-27 0:43 ` Peter Todd
2022-06-27 12:03 ` Greg Sanders
2022-06-27 13:46 ` Peter Todd
2022-07-05 20:46 ` alicexbt
2022-07-08 14:53 ` Peter Todd
2022-07-08 15:09 ` Greg Sanders
2022-07-08 19:44 ` alicexbt
2022-07-09 15:06 ` Antoine Riard
2022-06-20 23:49 ` Peter Todd
2022-06-21 23:45 ` Antoine Riard
2022-06-23 19:13 ` Peter Todd
2022-08-24 1:56 ` Antoine Riard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALZpt+GOh-7weEypT9JrzcwthZJqHOfj7sf9FMuqi5_FZv0g7w@mail.gmail.com \
--to=antoine.riard@gmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox