From: alicexbt <alicexbt@protonmail•com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Why Full-RBF Makes DoS Attacks on Multiparty Protocols Significantly More Expensive
Date: Tue, 10 Jan 2023 17:10:37 +0000 [thread overview]
Message-ID: <b3dDOCk8uf5GYtk12iN_EvY9obWchVL-qrNzEJMSf9JqqdcE6uBT8-alz-uK8aNeG_WyUGPLCi1tUxdhjXIPf2uMTbzCaV_5JHUk-FM1wJg=@protonmail.com> (raw)
In-Reply-To: <Y7035Edqoq8CK+nl@petertodd.org>
Hi Peter,
> Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at best,
> some rather insane technical decisions. Quite likely downright malicious with
> their xpub collection. Their opinion isn't relevant. Cite reputable sources.
I didn't want this thread to become a wasabi vs samourai debate instead wanted to focus on full-rbf and how it affects different coinjoin implementations. Samourai wallet can be used with [dojo][0] that includes full node and Whirlpool can be used in [sparrow Wallet][1] as well. There are several reasons to not use wasabi and consider their opinion irrelevant. Wasabi has many privacy issues including address reuse and consolidation in a coinjoin tx. They completely lost their reputation after deciding to work with chain analysis firms that help governments for censorship of some UTXOs.
Even _nothingmuch_ who has contributed to Wasabi's coinjoin implementation has [no major issues][2] with whirlpool if used properly. Some [tweets][3] in this thread even show their incompetence and major issues with wabisabi.
Anyway thanks for responding to other things I mentioned in last email.
[0]: https://code.samourai.io/dojo/samourai-dojo
[1]: https://sparrowwallet.com/docs/mixing-whirlpool.html
[2]: https://twitter.com/search?lang=en&q=whirlpool%20(from%3AmHaGqnOACyFm0h5)&src=typed_query
[3]: https://twitter.com/mHaGqnOACyFm0h5/status/1538748210210013184
/dev/fd0
floppy disc guy
Sent with Proton Mail secure email.
------- Original Message -------
On Tuesday, January 10th, 2023 at 3:33 PM, Peter Todd <pete@petertodd•org> wrote:
> On Tue, Jan 10, 2023 at 09:19:39AM +0000, alicexbt wrote:
>
> > Hi Peter,
> >
> > > ## How Full-RBF Mitigates the Double-Spend DoS Attack
> > >
> > > Modulo tx-pinning, full-rbf mitigates the double-spend DoS attack in a very
> > > straightforward way: the low fee transaction is replaced by the higher fee
> > > transaction, resulting in the latter getting mined in a reasonable amount of
> > > time and the protocol making forward progress.
> >
> > Asking this question based on a discussion on twitter. How would you get extra sats to increase the fees?
>
>
> You're misunderstanding the issue. There is no need for extra sats to increase
> fees. Coinjoin transactions already have fees set at a level at which you'd
> expect them to be mined in a reasonable amount of time. Full-RBF ensures that,
> modulo tx pinning, either the coinjoin gets mined, or any double-spend has to
> have a high enough feerate that it will be mined in a reasonable amount of time
> as well.
>
> > It seems this would be possible with Joinmarket, Wasabi and even joinstr although things would get worse for Whirlpool. Whirlpool coinjoin transactions do not signal BIP 125 RBF so they were not replaceable earlier
>
>
> Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at best,
> some rather insane technical decisions. Quite likely downright malicious with
> their xpub collection. Their opinion isn't relevant. Cite reputable sources.
>
> Anyway, Wasabi would like to move to making coinjoins opt-in to RBF. Though
> full-rbf may come sooner; for technical reasons opt-in RBF is ugly to implement
> now as activation needs to be coordinated accross all clients:
>
> https://github.com/zkSNACKs/WalletWasabi/issues/9041#issuecomment-1376653020
>
> > however attacker would be able to perform DoS attacks now by double spending their inputs used in coinjoin.
>
>
> As I explained, attackers can already do this with or without full-rbf simply
> by picking the right time to broadcast the double spend. It's not an effective
> attack anyway: with a UTXO you can already hold up a coinjoin round by simply
> failing to complete stage #2 of the coinjoin. Actually doing a double-spend
> simply guarantees that you're spending money on it. It's only effective with
> low-fee double-spends in the absence of full-rbf.
>
>
> This tweet is nuts. Eg "Gives well connected mining pools an added advantage"
> is simply false. Full-RBF does the exact opposite.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
next prev parent reply other threads:[~2023-01-10 17:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-09 22:18 Peter Todd
2023-01-10 7:11 ` David A. Harding
2023-01-10 8:47 ` Peter Todd
2023-01-10 10:02 ` David A. Harding
2023-01-10 10:06 ` Peter Todd
2023-01-10 20:14 ` David A. Harding
2023-01-13 23:37 ` Peter Todd
2023-01-10 9:19 ` alicexbt
2023-01-10 10:03 ` Peter Todd
2023-01-10 17:10 ` alicexbt [this message]
2023-01-13 23:46 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='b3dDOCk8uf5GYtk12iN_EvY9obWchVL-qrNzEJMSf9JqqdcE6uBT8-alz-uK8aNeG_WyUGPLCi1tUxdhjXIPf2uMTbzCaV_5JHUk-FM1wJg=@protonmail.com' \
--to=alicexbt@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox