Re: [bitcoin-dev] [Lightning-dev] [Pre-BIP] Fee Accounts

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Jeremy <jlrubin@mit•edu>
Cc: Bitcoin Protocol Discussion
	<bitcoin-dev@lists•linuxfoundation.org>,
	lightning-dev <lightning-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Lightning-dev]  [Pre-BIP] Fee Accounts
Date: Sun, 20 Feb 2022 16:34:35 +0000	[thread overview]
Message-ID: <erAXod9aNdpQ3eMQQsfHwcaCe0S0rGU1Z9VnDy2yxlywBaSdaMJOEZ0XnGbIMSjRm9e3M4rJCwQuIgoNzrvw57e3jYxvi1cZPTeFYCjZ9vU=@protonmail.com> (raw)
In-Reply-To: <CAD5xwhgEeTETburW=OBgHNe_V1kk8o06TDQLiLgdfmP2AEVuPg@mail.gmail.com>

Good morning Jeremy,

> opt-in or explicit tagging of fee account is a bad design IMO.
>
> As pointed out by James O'Beirne in the other email, having an explicit key required means you have to pre-plan.... suppose you're building a vault meant to distribute funds over many years, do you really want a *specific* precommitted key you have to maintain? What happens to your ability to bump should it be compromised (which may be more likely if it's intended to be a hot-wallet function for bumping).
>
> Furthermore, it's quite often the case that someone might do a transaction that pays you that is low fee that you want to bump but they choose to opt-out... then what? It's better that you should always be able to fee bump.

Good point.

For the latter case, CPFP would work and already exists.
**Unless** you are doing something complicated and offchain-y and involves relative locktimes, of course.

Once could point out as well that Peter Todd gave just a single example, OpenTimeStamps, for this, and OpenTimeStamps is not the only user of the Bitcoin blockchain.

So we can consider: who benefits and who suffers, and does the benefit to the former outweigh the detriment of the latter?

It seems to me that the necromancing attack mostly can *only* target users of RBF that might want to *additionally* add outputs (or in the case of OTS, commitments) when RBF-ing.
For example, a large onchain-paying entity might lowball an onchain transaction for a few withdrawals, then as more withdrawals come in, bump up their feerate and add more withdrawals to the RBF-ed transaction.
Such an entity might prefer to confirm the latest RBF-ed transaction, as if an earlier transaction (which does not include some other withdrawals requested later) is necromanced, they would need to make an *entire* *other* transaction (which may be costlier!) to fulfill pending withdrawal requests.

However, to my knowledge, there is no actual entity that *currently* acts this way (I do have some sketches for a wallet that can support this behavior, but it gets *complicated* due to having to keep track of reorgs as well... sigh).

In particular, I expect that many users do not really make outgoing payments often enough that they would actually benefit from such a wallet feature.
Instead, they will generally make one payment at a time, or plan ahead and pay several in a batch at once, and even if they RBF, they would just keep the same set of outputs and just reduce their change output.
For such low-scale users, a rando third-party necromancing their old transactions could only make them happy, thus this nuisance attack cannot be executed.

We could also point out that this is really a nuisance attack and not an economic-theft attack.
The attacker cannot gain, and can only pay in order to impose costs on somebody else.
Rationally, the only winning move is not to play.

So --- has anyone actually implemented a Bitcoin wallet that has such a feature (i.e. make a lowball send transaction now, then you can add another send later and if the previous send transaction is unconfirmed, RBF it with a new transaction that has the previous send and the current send) and if so, can you open-source the code and show me?

Regards,
ZmnSCPxj

next prev parent reply	other threads:[~2022-02-20 16:34 UTC|newest]

Thread overview: 44+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-01 20:04 [bitcoin-dev] " Jeremy
2022-01-18 16:12 ` Billy Tetrud
2022-01-18 17:43   ` Jeremy
2022-01-19  2:37     ` Billy Tetrud
2022-01-19  2:51       ` Jeremy
2022-01-19  4:53         ` Billy Tetrud
2022-01-19  7:32           ` Jeremy
2022-01-19 16:51             ` Billy Tetrud
2022-01-19 20:08               ` Jeremy
2022-01-20  5:23                 ` Billy Tetrud
2022-02-10  6:58 ` Peter Todd
2022-02-10  8:08   ` Jeremy Rubin
2022-02-18 23:50     ` Peter Todd
2022-02-19  0:38       ` Jeremy Rubin
2022-02-19  9:39         ` Peter Todd
2022-02-19 17:20           ` [bitcoin-dev] [Lightning-dev] " darosior
2022-02-19 20:35             ` Peter Todd
2022-02-20  2:24               ` ZmnSCPxj
2022-02-20  2:39                 ` ZmnSCPxj
     [not found]             ` <590cf52920040c9cf7517b219624bbb5@willtech.com.au>
2022-02-20 14:24               ` ZmnSCPxj
2022-02-20 16:29                 ` Jeremy Rubin
     [not found]                 ` <CAD5xwhgEeTETburW=OBgHNe_V1kk8o06TDQLiLgdfmP2AEVuPg@mail.gmail.com>
2022-02-20 16:34                   ` ZmnSCPxj [this message]
2022-02-20 16:45                     ` Jeremy Rubin
2022-02-20 16:29           ` [bitcoin-dev] " Jeremy Rubin
2022-04-10 19:32             ` Peter Todd
2022-04-11 13:18               ` Jeremy Rubin
2022-04-15 14:52                 ` Peter Todd
2022-04-17 20:57                   ` Jeremy Rubin
2022-04-28 12:15                     ` Peter Todd
2022-05-02 15:59                       ` Jeremy Rubin
2022-06-14 11:12                         ` [bitcoin-dev] Why OpenTimestamps does not "linearize" its transactions Peter Todd
2022-06-14 11:39                           ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-14 11:53                             ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-14 12:28                               ` rot13maxi
2022-06-14 12:45                                 ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-14 13:55                                   ` Bryan Bishop
2022-06-14 15:06                                     ` digital vagabond
2022-06-14 15:34                                   ` Peter Todd
2022-06-14 17:15                                     ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-14 20:33                                       ` Andrew Poelstra
2022-06-15  1:16                                         ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-15  1:21                                           ` Undiscussed Horrific Abuse, One Victim of Many
2022-06-19 11:04                                           ` Peter Todd
2022-06-14 15:22                               ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='erAXod9aNdpQ3eMQQsfHwcaCe0S0rGU1Z9VnDy2yxlywBaSdaMJOEZ0XnGbIMSjRm9e3M4rJCwQuIgoNzrvw57e3jYxvi1cZPTeFYCjZ9vU=@protonmail.com' \
    --to=zmnscpxj@protonmail$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=jlrubin@mit$(echo .)edu \
    --cc=lightning-dev@lists$(echo .)linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox