Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XD1oF-0005ND-SS for bitcoin-development@lists.sourceforge.net; Fri, 01 Aug 2014 01:39:03 +0000 X-ACL-Warn: Received: from qmta01.westchester.pa.mail.comcast.net ([76.96.62.16]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1XD1oE-0000Qs-Im for bitcoin-development@lists.sourceforge.net; Fri, 01 Aug 2014 01:39:03 +0000 Received: from omta15.westchester.pa.mail.comcast.net ([76.96.62.87]) by qmta01.westchester.pa.mail.comcast.net with comcast id ZBLi1o0051swQuc51Dexhe; Fri, 01 Aug 2014 01:38:57 +0000 Received: from crushinator.localnet ([IPv6:2601:6:4800:47f:1e4e:1f4d:332c:3bf6]) by omta15.westchester.pa.mail.comcast.net with comcast id ZDew1o00U2JF60R3bDexWu; Fri, 01 Aug 2014 01:38:57 +0000 From: Matt Whitlock To: Kaz Wesley Date: Thu, 31 Jul 2014 21:38:56 -0400 Message-ID: <3826251.5rGb1MfKOu@crushinator> User-Agent: KMail/4.13.3 (Linux/3.12.21-gentoo-r1; KDE/4.13.3; x86_64; ; ) In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [76.96.62.16 listed in list.dnswl.org] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XD1oE-0000Qs-Im Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] deterministic transaction expiration X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2014 01:39:04 -0000 It would make more sense to introduce a new script opcode that pushes t= he current block height onto the operand stack. Then you could implemen= t arbitrary logic about which blocks the transaction can be valid in. T= his would require that the client revalidate all transactions in its me= mpool (really, only those making use of this opcode) whenever the chain= tip changes. On Thursday, 31 July 2014, at 5:58 pm, Kaz Wesley wrote: > There is currently little in place for managing transaction lifetime > in the network's mempools (see discussion in github in #3722 "mempool= > transaction expiration", and it seems to be a major factor blocking > some mempool exchange, see #1833/1918, #3721). Expiry per-node a > certain amount of wall time after receipt has been proposed, but > that's a fragile mechanism -- a single node could keep all relayable > transactions alive forever by remembering transactions until most > nodes have dropped them and then releasing them back into the wild. >=20 > I have a proposal for a way to add finite and predictable lifespans t= o > transactions in mempools: we d=CC=B6e=CC=B6s=CC=B6t=CC=B6r=CC=B6o=CC=B6= y=CC=B6 =CC=B6t=CC=B6h=CC=B6e=CC=B6 > =CC=B6r=CC=B6e=CC=B6s=CC=B6u=CC=B6r=CC=B6r=CC=B6e=CC=B6c=CC=B6t=CC=B6= i=CC=B6o=CC=B6n=CC=B6 =CC=B6h=CC=B6u=CC=B6b=CC=B6 use nLockTime and a n= ew standardness > rule. It could be done in stages, would not necessarily require even = a > soft fork, and does not cause problems with reorgs like the proposal > in #3509: > 1. start setting nLockTime to the current height by default in newly > created transactions (or slightly below the current height, for > reorg-friendliness) > 2. once users have had some time to upgrade to clients that set > nLockTime, start discouraging transactions without nLockTime -- > possibly with a slightly higher fee required for relay > 3. start rate-limiting relay of transactions without an nLockTime > (maybe this alone could be used to achieve [2]) > 4. add a new IsStandard rule rejecting transactions with an nLockTime= > more than N blocks behind the current tip (for some fixed value N, to= > be determined) >=20 > Transactions would stop being relayed and drop out of mempools a fixe= d > number of blocks from their creation; once that window had passed, th= e > sender's wallet could begin to expect the transaction would not be > confirmed. In case a reorg displaces a transaction until after its > expiry height, a miner can still put it back in the blockchain; the > expiry height is just a relay rule. Also, a user who needed to get > their original "expired" transaction confirmed could still do so by > submitting it directly to a miner with suitable policies.