Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Antoine Riard <antoine.riard@gmail•com>
To: "David A. Harding" <dave@dtrt•org>
Cc: Peter Todd <pete@petertodd•org>, bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6
Date: Wed, 27 Mar 2024 06:27:47 +0000	[thread overview]
Message-ID: <CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com> (raw)
In-Reply-To: <012f89763cc336cd91eec13dccefc921@dtrt.org>

[-- Attachment #1: Type: text/plain, Size: 4387 bytes --]

Hi Dave,

> Could you tell us more about the disclosure process you followed?  I'm
> surprised to see it disclosed without any apparent attempt at patching.
> I'm especially concerned given your past history of publicly revealing
> vulnerabilities before they could be quietly patched[1] and the conflict
> of interest of you using this disclosure to advocate for a policy change
> you are championing.

In defense of Peter, I don't think there is a low-hanging fruit that could
have
been landed easily in Bitcoin Core. The most obvious ones could have been
a) to reduce `MAX_STANDARD_TX_WEIGHT` or b) a new rule
`max_replacement_bandwidth`
or c) a new absolute-fee based penalty on bandwidth replacement cost.

All hard to integrate in a covert fashion without attracting some attention
from the
community, which would certainly ask why we're changing the marginal
bandwidth cost.
Potentially, impacting unfavorably some use-cases.

Certainly, Peter's report could have integrated a disclosure timeline at the
example of CVE-2018-17144 [0], which I can recommend to anyone to follow
doing
security research or servicing as a security point of contact in our field.

I don't see the conflict of interest in the present disclosure ? It is
public information
that Peter is championing RBFR [1].  I'm not aware of any private interest
unfavorably
influencing Peter's behavior in the conduct of this security issue
disclosure.

One of the established principles in infosec, it's up to software vendors
to explain
why their softwares is broken or why they are "lazy" fixing issues.
Assuming sufficient
technical proof has been initially communicated by the reporter.

If you're dissatisfied by Peter's conduct in the handling of this
disclosure, you're welcome
to author vulnerability reports or assume the role of coordinating patching
responses yourself
more often. Assuming you can be reasonably trusted here.

Finally, in matters of ethics, talking as an external observer can be cheap
sometimes and it is
best to "lead-by-example", imho.

Best,
Antoine

[0] https://bitcoincore.org/en/2018/09/20/notice/
[1] https://petertodd.org/2024/one-shot-replace-by-fee-rate

Le mar. 26 mars 2024 à 18:38, David A. Harding <dave@dtrt•org> a écrit :

> On 2024-03-18 03:21, Peter Todd wrote:
> > [...] the existence of this attack is an argument in favor of
> > replace-by-fee-rate. While RBFR introduces a degree of free-relay, the
> > fact
> > that Bitcoin Core's existing rules *also* allow for free-relay in this
> > form
> > makes the difference inconsequential.
> >
> > # Disclosure
> >
> > This issue was disclosed to bitcoin-security first. I received no
> > objections to
> > making it public. All free-relay attacks are mitigated by the
> > requirement to at
> > least have sufficient funds available to allocate to fees, even if the
> > funds
> > might not actually be spent.
>
> Could you tell us more about the disclosure process you followed?  I'm
> surprised to see it disclosed without any apparent attempt at patching.
> I'm especially concerned given your past history of publicly revealing
> vulnerabilities before they could be quietly patched[1] and the conflict
> of interest of you using this disclosure to advocate for a policy change
> you are championing.
>
> -Dave
>
> [1]
>
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-June/016100.html
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/bitcoindev/EJYoeNTPVhg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> bitcoindev+unsubscribe@googlegroups•com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/bitcoindev/012f89763cc336cd91eec13dccefc921%40dtrt.org
> .
>

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups•com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/CALZpt%2BHNiwie1RNJOi9WJs-F2%3DYSvFdwCDfdNDuTdUuSf_kTBg%40mail.gmail.com.

[-- Attachment #2: Type: text/html, Size: 6425 bytes --]

next prev parent reply	other threads:[~2024-03-27  9:57 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-18 13:21 Peter Todd
2024-03-19 12:37 ` Nagaev Boris
2024-03-19 13:46   ` Peter Todd
2024-03-23  0:29     ` Nagaev Boris
2024-03-22 23:18 ` [bitcoindev] " Antoine Riard
2024-03-27 13:04   ` Peter Todd
2024-03-27 19:17     ` Antoine Riard
2024-03-28 14:27       ` Peter Todd
2024-03-28 15:20         ` Peter Todd
2024-03-28 19:13         ` Antoine Riard
2024-03-28 19:47           ` Peter Todd
2024-03-29 20:48             ` Antoine Riard
2024-03-26 18:36 ` [bitcoindev] " David A. Harding
2024-03-27  6:27   ` Antoine Riard [this message]
2024-03-27 12:54     ` Peter Todd
2024-03-27 17:18 David A. Harding
2024-03-27 18:04 ` Peter Todd
2024-03-27 19:50   ` David A. Harding
2024-03-27 20:30     ` Peter Todd
2024-03-27 22:05       ` Steve Lee
2024-03-28 18:34         ` Antoine Riard
2024-03-28 19:16           ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com' \
    --to=antoine.riard@gmail$(echo .)com \
    --cc=bitcoindev@googlegroups.com \
    --cc=dave@dtrt$(echo .)org \
    --cc=pete@petertodd$(echo .)org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox