Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 24C50C0037 for ; Wed, 20 Dec 2023 19:49:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id DBD6140A74 for ; Wed, 20 Dec 2023 19:49:10 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org DBD6140A74 Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm2 header.b=8++6EjvA X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z1sNiEdZurba for ; Wed, 20 Dec 2023 19:49:09 +0000 (UTC) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by smtp2.osuosl.org (Postfix) with ESMTPS id 0E0BE41767 for ; Wed, 20 Dec 2023 19:49:08 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 0E0BE41767 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 17B895C05A2; Wed, 20 Dec 2023 14:49:03 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Wed, 20 Dec 2023 14:49:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1703101743; x=1703188143; bh=pL2gT2bmjxfbng5o2gYstIAh+hYh 1CDnkA1TB2XJqBo=; b=8++6EjvAfLxRmPO46QW0vjXD2xI2Jac6D9kjnnyGQ3Vv oX0OCZ+mRfVrLqmhGShoON+XZ+gHf/5IdI4x2UxPwzM/ekC38PIs0MLwvEki1TkQ ISv87pXSXm8Ge71YzSffDqDkRs4EWSHEc180Qw3EZTZndMx4OocbX5p2DMBTwBON Wzv9b8W27H49uiBADpwNVkQatb0eaJjimixqQk8EnnvgtJxbML1DHWKv57w6r5Hh fYd5iJMf588y5LiNuqq0msr+lY0B4+jY49lac8N/FF8ICCIklIvGJFmJ8qfy4Jmy 8gmbx8dnI/pT9PE1V/ffndVJMAqRmerkWi/K/ZwafQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdduvddgudeftdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvght vghrucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrth htvghrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefh jedtnecuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggu rdhorhhg X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 20 Dec 2023 14:49:02 -0500 (EST) Received: by localhost (Postfix, from userid 1000) id 9B97B5F84E; Wed, 20 Dec 2023 19:48:59 +0000 (UTC) Date: Wed, 20 Dec 2023 19:48:59 +0000 From: Peter Todd To: Gloria Zhao Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="eHvNDj2GtvZ+LdUw" Content-Disposition: inline In-Reply-To: Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] V3 Transactions are still vulnerable to significant tx pinning griefing attacks X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Dec 2023 19:49:11 -0000 --eHvNDj2GtvZ+LdUw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 20, 2023 at 07:13:22PM +0000, Gloria Zhao wrote: > The "damage" of the pin can quantified by the extra fees Alice has to pay. >=20 > For a v3 transaction, Mallory can attach 1000vB at 80sat/vB. This can > increase the cost of replacement to 80,000sat. > For a non-v3 transaction, Mallory can attach (101KvB - N) before maxing o= ut > the descendant limit. > Rule #4 is pretty negligible here, but since you've already specified > Alice's child as 152vB, she'll need to pay Rule #3 + 152sats for a > replacement. >=20 > Let's say N is 1000vB. AFAIK commitment transactions aren't usually small= er > than this: You make a good point that the commitment transaction also needs to be incl= uded in my calculations. But you are incorrect about the size of them. With taproot and ephemeral anchors, a typical commitment transaction would = have a single-sig input (musig), two taproot outputs, and an ephemeral anchor output. Such a transaction is only 162vB, much less than 1000vB. In my experience, only a minority of commitment transactions that get mined have HTLCs outstanding; even if there is an HTLC outstanding, that only get= s us up to 206vB. > > Mallory can improve the efficiency of his griefing attack by attacking > multiple > > targets at once. Assuming Mallory uses 1 taproot input and 1 taproot > output for > > his own funds, he can spend 21 ephemeral anchors in a single 1000vB > > transaction. >=20 > Note that v3 does not allow more than 1 unconfirmed parent per tx. Ah, pity, I had misremembered that restriction as being removed, as that is= a potentially significant improvement in scenarios where you need to do things like deal with a bunch of force closes at once. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --eHvNDj2GtvZ+LdUw Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmWDRSkACgkQLly11TVR LzenvBAAlZo/mBduMLIqCcUC0ryGerwPgSVfT6oOWh5La0XVwIjnQTPqxK6pR+x6 WNenlGlWtrPx4Prl+pgsSeCrzL/VNw8bpVjT3AotkQ4yB0ln63yG1sgysLGQ2KdF 3W+fNiQMLijgz06L7MVf72qBtpYa3swt9zWQgdMVTpc8La5CnWXbBIRbe2joRtTK eO3aakFWMr+2HDC6/CrhmA+SdytRLSC1vhEJoamRMfF8wdnkcGULq1oQhqDEYCcf DQapf6dYPVVxvmINnrCK+nXeRMcr0amJH0q94H821Njtohp4f2hQbcAKh8/FxZ5d 13clUl2UzChdIp96ACdzO26RpOcv7fTYTdXuLEJmOv4mNWxnfD7AkoEteZ0wy/bX ZEtzS5r53pTbgvFS5PtGsT1qpzmIqqTwl6LATDB046F4creumV8+l5NWnPJMz3vh X4o7MnC7SnkRLIyhTcd27GYhukCEvX1MCWeSIVGQopkHld/dWT1LpLpxDVfIWaKM 5ZcA2tL8nHOY5Y2L9Z75xikpR18nv2KTaGTjuk8fudKV0KTPKhgK3LFhd1Ikfkwe z81Zj10nCWHbJkre+GTCcpdA0w83R0stA/hMXe22LY4/y8d0odvBfhwCtEW+4vpe /cAFwguQHzQyKER9jXwkZg29lo88Dm++1Zq2KJeGL1J3d7PXUsw= =WdHc -----END PGP SIGNATURE----- --eHvNDj2GtvZ+LdUw--