Since I raised this with Hasu in early Jan[0], I've been looking for ways to eliminate transaction replacement that are consensus compatible (since first safe seen is not). The best I could come up with is "Uncontested Safe", which I've tried to sketch out in a brief medium article[1]. Am I retracing steps? Feedback would be appreciated. [0] https://twitter.com/mikekelly85/status/1217590668735983622 [1] https://medium.com/@mikekelly85/uncontested-safe-protocol-e5af8c145f1 Cheers, M On Sat, Feb 1, 2020 at 10:12 PM ha su via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Hi all, > > I think I discovered an interesting form of sabotage attack (possible for > miners) that tries to create coordination disincentives among Bitcoin users > - named after the dystopian movie The Purge, where all crime is legal for > one night every year. > > TLDR > * An attacker replaces the most recent blocks full of transactions with > empty blocks. > * Previously confirmed txns return into the mempool, where anyone with a > minimum of technical knowledge or access to public tools can > opportunistically double-spend their txns back to themselves. (the process > is the same as double-spending regular zero-conf txns) > > The attack seems useful to undermine trust in Bitcoin's assurances, e.g. > the future finality of transactions. It differs from other forms of > sabotage (e.g. DoS by mining only empty blocks) in that it specifically > disrupts the coordination process among users in response to the attack. > > By giving some users a chance to benefit from the attack, the attacker > gives them a vested interest in staying on the attack chain. If enough > users accept the invitation to double-spend, it might become harder to come > to consensus on how to deal with the attack. > > Purge attacks probably don’t constitute a bigger risk than other known > forms of sabotage attacks, but seem like an interesting spin where the > attacker specifically targets the pre-coordination of defenders. > > You can find the full report, incl. some mitigations against sabotage > attacks, at > https://blog.deribit.com/insights/destabilizing-bitcoin-consensus-with-purge-attacks/ > > Your feedback is highly appreciated. > > Regards, > Hasu > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > -- Mike http://twitter.com/mikekelly85 http://linkedin.com/in/mikekelly123