On Wed, Mar 27, 2024 at 06:27:47AM +0000, Antoine Riard wrote:
> Hi Dave,
>
> > Could you tell us more about the disclosure process you followed? I'm
> > surprised to see it disclosed without any apparent attempt at patching.
> > I'm especially concerned given your past history of publicly revealing
> > vulnerabilities before they could be quietly patched[1] and the conflict
> > of interest of you using this disclosure to advocate for a policy change
> > you are championing.
>
> In defense of Peter, I don't think there is a low-hanging fruit that could have
> been landed easily in Bitcoin Core. The most obvious ones could have been
> a) to reduce `MAX_STANDARD_TX_WEIGHT` or b) a new rule `max_replacement_bandwidth`
> or c) a new absolute-fee based penalty on bandwidth replacement cost.

To be clear, I _did_ disclose the issue on bitcoin-security and no-one had
any objections to disclosing it publicly.

> All hard to integrate in a covert fashion without attracting some attention
> from the community, which would certainly ask why we're changing the marginal
> bandwidth cost, potentially impacting some use-cases unfavorably.
>
> Certainly, Peter's report could have integrated a disclosure timeline at the
> example of CVE-2018-17144 [0], which I can recommend to anyone to follow doing
> security research or servicing as a security point of contact in our field.

Since this attack is just a relatively minor extension of existing, publicly
disclosed, attacks, I don't think there was any need for formal disclosure
timelines. It's interesting that the attack exists; it does not substantially
change the status quo. I don't believe the other attacks in this attack class
are even possible to fix. We just have to live with the fact that a degree of
free relay is always going to be possible.

> I don't see the conflict of interest in the present disclosure? It is
> public information that Peter is championing RBFR [1]. I'm not aware of any
> private interest unfavorably influencing Peter's behavior in the conduct of
> this security issue disclosure.

Well, there is a conflict of interest in trying to keep this issue under wraps:
Replace-By-Fee-Rate benefits from public discussion of the fact that many
different free-relay attacks are possible. The arguments against RBFR mainly
hinge on the idea that free-relay is preventable.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/ZgQXHpraCWeEyDKe%40petertodd.org.