Re: [bitcoin-dev] A proposal for Full RBF to not exclude Zero Conf use case

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Peter Todd <pete@petertodd•org>
To: Daniel Lipshitz <daniel@gap600•com>
Cc: bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org>,
	John Carvalho <john@synonym•to>
Subject: Re: [bitcoin-dev] A proposal for Full RBF to not exclude Zero Conf use case
Date: Fri, 13 Jan 2023 18:53:45 -0500	[thread overview]
Message-ID: <Y8HvCbBd5+pm8Uj2@petertodd.org> (raw)
In-Reply-To: <CACkWPs_6z7UyXzejTqjy=i+SkSz-76VdzZ20K1DzcVJxan_HZg@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2602 bytes --]

On Sun, Dec 18, 2022 at 10:06:15AM +0200, Daniel Lipshitz wrote:
> GAP600 is not a trxs processor or liquidity provider we service merchants,
> payment processors & non-custodial liquidity providers - our service is
> purely the 0-conf enabling our clients to accept 0-conf. Clients access our
> service via API - sending us the Trx hash & output address. Our service is
> not based on AML/KYC it is purely an analysis of the Bitcoin network.

I checked and to sign up for your service, you ask for the name, phone number,
email, and company name.

That is an example of AML/KYC. By learning the tx hash and output address, you
learn which addresses are associated with what real world entity is paying for
your service. You learning that information for what you claim is ~10% of all
transactions is a significant privacy concern. On that basiss alone, I would
argue that full-rbf should be implemented specifically to destroy your business
and stop the collection of that data.

> I am not at liberty to share names of other services which have developed
> their own 0-conf service - they include a payment processor on a gambling
> platform which services multiple gambling operators, a standalone gaming
> payment processor, and a payment processor recently I have come across. We
> also do not have a significant presence in Asia - so I don't have
> visibility there.

No, I asked you for information on what companies are actually using *your*
service. You claim to be involved with a huge % of all transactions. If that is
in fact true, obviously it shouldn't be hard to provide some examples of
merchants using GAP600 to accept unconfirmed txs.

> I don't see it being necessarily an either/or approach here. The risk
> looking to be mitigated with FullRBF seems to be able to be mitigated with
> FullRBF but with a swop limitation of at least the Inputs of Trx1 being in
> Trx2 - no flagging required. Added to this all these trxs always have the
> OptinRBF so if these platforms need to be able to recreate completely their
> trxs they have that option as well. The option to Swop out or bump up trxs
> seems to be well covered under those two options.

You are not correct. One of the most important use-cases for full-rbf is
multi-party transactions; adding that limitation to full-rbf negates that
usecase. See my post on why full-rbf makes DoS attacks on multiparty protocols
significantly more expensive:

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-January/021322.html

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next prev parent reply	other threads:[~2023-01-13 23:53 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-11 20:24 Daniel Lipshitz
2022-12-13  4:20 ` Yuval Kogman
2022-12-13  8:08   ` Daniel Lipshitz
2022-12-13  9:59     ` John Carvalho
2022-12-13 11:33       ` Daniel Lipshitz
2022-12-13 14:00         ` Lucas Ontivero
2022-12-13 14:08           ` Daniel Lipshitz
2022-12-13 21:41         ` Peter Todd
2022-12-13 21:58           ` Daniel Lipshitz
2022-12-16 21:14             ` Peter Todd
2022-12-18  8:06               ` Daniel Lipshitz
2023-01-13 23:53                 ` Peter Todd [this message]
2023-01-14 20:15                   ` Daniel Lipshitz
2023-01-16 10:19                     ` Daniel Lipshitz
2023-01-17 17:07                       ` Erik Aronesty
2023-01-17 17:27                         ` Daniel Lipshitz
2023-02-04 16:27                     ` Peter Todd
2023-02-06 12:08                       ` Daniel Lipshitz
2022-12-14  8:12       ` Daniel Lipshitz
2022-12-14 17:41         ` Erik Aronesty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y8HvCbBd5+pm8Uj2@petertodd.org \
    --to=pete@petertodd$(echo .)org \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=daniel@gap600$(echo .)com \
    --cc=john@synonym$(echo .)to \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox