From: Peter Todd <pete@petertodd•org>
To: alicexbt <alicexbt@protonmail•com>
Cc: bitcoin-dev@lists•linuxfoundation.org
Subject: Re: [bitcoin-dev] Why Full-RBF Makes DoS Attacks on Multiparty Protocols Significantly More Expensive
Date: Tue, 10 Jan 2023 05:03:16 -0500 [thread overview]
Message-ID: <Y7035Edqoq8CK+nl@petertodd.org> (raw)
In-Reply-To: <OwgJwjPrZWRtBaIDDZ8g-xbFPlryUXUopqUuKYVUNE-mVHzCWHFXl77YzDlItEjHTHcGjpzIC5alGsnFEsOtSgHLm9We92gcWrLTahzPGFk=@protonmail.com>
[-- Attachment #1: Type: text/plain, Size: 2542 bytes --]
On Tue, Jan 10, 2023 at 09:19:39AM +0000, alicexbt wrote:
> Hi Peter,
>
> > ## How Full-RBF Mitigates the Double-Spend DoS Attack
> >
> > Modulo tx-pinning, full-rbf mitigates the double-spend DoS attack in a very
> > straightforward way: the low fee transaction is replaced by the higher fee
> > transaction, resulting in the latter getting mined in a reasonable amount of
> > time and the protocol making forward progress.
>
> Asking this question based on a [discussion on twitter][0]. How would you get extra sats to increase the fees?
You're misunderstanding the issue. There is no need for extra sats to increase
fees. Coinjoin transactions already have fees set at a level at which you'd
expect them to be mined in a reasonable amount of time. Full-RBF ensures that,
modulo tx pinning, either the coinjoin gets mined, or any double-spend has to
have a high enough feerate that it will be mined in a reasonable amount of time
as well.
> It seems this would be possible with Joinmarket, Wasabi and even joinstr although things would get worse for Whirlpool. Whirlpool coinjoin transactions do not signal BIP 125 RBF so they were not replaceable earlier
Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at best,
some rather insane technical decisions. Quite likely downright malicious with
their xpub collection. Their opinion isn't relevant. Cite reputable sources.
Anyway, Wasabi would like to move to making coinjoins opt-in to RBF. Though
full-rbf may come sooner; for technical reasons opt-in RBF is ugly to implement
now as activation needs to be coordinated accross all clients:
https://github.com/zkSNACKs/WalletWasabi/issues/9041#issuecomment-1376653020
> however attacker would be able to perform DoS attacks now by double spending their inputs used in coinjoin.
As I explained, attackers can already do this with or without full-rbf simply
by picking the right time to broadcast the double spend. It's not an effective
attack anyway: with a UTXO you can already hold up a coinjoin round by simply
failing to complete stage #2 of the coinjoin. Actually doing a double-spend
simply guarantees that you're spending money on it. It's only effective with
low-fee double-spends in the absence of full-rbf.
> [0]: https://twitter.com/dammkewl/status/1599692908860706818
This tweet is nuts. Eg "Gives well connected mining pools an added advantage"
is simply false. Full-RBF does the exact opposite.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2023-01-10 10:03 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-09 22:18 Peter Todd
2023-01-10 7:11 ` David A. Harding
2023-01-10 8:47 ` Peter Todd
2023-01-10 10:02 ` David A. Harding
2023-01-10 10:06 ` Peter Todd
2023-01-10 20:14 ` David A. Harding
2023-01-13 23:37 ` Peter Todd
2023-01-10 9:19 ` alicexbt
2023-01-10 10:03 ` Peter Todd [this message]
2023-01-10 17:10 ` alicexbt
2023-01-13 23:46 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y7035Edqoq8CK+nl@petertodd.org \
--to=pete@petertodd$(echo .)org \
--cc=alicexbt@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox