From: Antoine Riard <antoine.riard@gmail•com>
To: Pieter Wuille <bitcoin-dev@wuille•net>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Proposal to stop processing of unrequested transactions in Bitcoin Core
Date: Fri, 12 Feb 2021 06:49:42 -0500 [thread overview]
Message-ID: <CALZpt+HnAbD+EGKE_=fCS8YPJ77XEqT6xvUq8YO3ErSQ+=FaxQ@mail.gmail.com> (raw)
In-Reply-To: <ii__M4064KswBFoSG8QQus9QE36Iv0wSBIEcRm-jWPZhZhT5d3aBFrjiO27whqJ5iZ6MeNuz8KMSSFec7bMAh3DddZvFRtgbngO3edsX6Cw=@wuille.net>
[-- Attachment #1: Type: text/plain, Size: 1859 bytes --]
Hi Jeremy,
If I understand correctly your concern, you're worried that change would
ease discovery of the node's tx-relay topology ? I don't scope transaction
origin inference, if you suppose the
unrequested-tx peer sending is the attacker it must have learnt the
transaction from somewhere else which is more likely to be the tx owner
rather than the probed node.
As far I can think of this change, a peer might send an unrequested
transaction to this node and observe that it's either a) processed, the
node has learnt about the txid from another peer or b) rejected, the node
has never learnt about the txid. The outcome can be queried by sending a
GETDATA for the "is-unrequested" txid.
I think the same result can already be achieved by sending an INV and
observing if a GETDATA is replied back to guess the presence of another
peer with already the knowledge of the txid. Or alternatively, just connect
to this other peer and wait for an announcement.
What else can we think of ?
From my side, compared to the already-existing heuristics, I don't see how
this change is easing attackers' work. That said, I don't deny our
transaction announcements/requests logic is worthy of more study about its
privacy properties, especially when you acknowledge the recent overhaul of
the transaction request and the upcoming Erlay changes.
Cheers,
Antoine
Le jeu. 11 févr. 2021 à 16:15, Pieter Wuille <bitcoin-dev@wuille•net> a
écrit :
>
> I'm not sure of the existing behavior is of when we issue a getdata
> request, but noting that there could be a privacy implication of this sort
> of change. Could you (or someone else) expand on why this is not a concern
> here?
>
>
> What kind of privacy concern are you talking about? I'm not sure I see how
> this could matter.
>
> Cheers,
>
> --
> Pieter
>
>
[-- Attachment #2: Type: text/html, Size: 2482 bytes --]
prev parent reply other threads:[~2021-02-12 11:49 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-10 13:13 Antoine Riard
2021-02-11 18:29 ` Jeremy
2021-02-11 21:15 ` Pieter Wuille
2021-02-12 11:49 ` Antoine Riard [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALZpt+HnAbD+EGKE_=fCS8YPJ77XEqT6xvUq8YO3ErSQ+=FaxQ@mail.gmail.com' \
--to=antoine.riard@gmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=bitcoin-dev@wuille$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox