Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UaOsh-0003VX-Sd for bitcoin-development@lists.sourceforge.net; Thu, 09 May 2013 11:19:27 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.215.179 as permitted sender) client-ip=209.85.215.179; envelope-from=adam.back@gmail.com; helo=mail-ea0-f179.google.com; Received: from mail-ea0-f179.google.com ([209.85.215.179]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UaOse-0003J7-9M for bitcoin-development@lists.sourceforge.net; Thu, 09 May 2013 11:19:27 +0000 Received: by mail-ea0-f179.google.com with SMTP id h14so1478559eaj.10 for ; Thu, 09 May 2013 04:19:17 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:date:from:to:cc:subject:message-id:references :mime-version:content-type:content-disposition:in-reply-to :user-agent:x-hashcash:x-hashcash:x-hashcash; bh=X0EUSqPuFa5czHV2913/vpx+aaDWWMalKFmTzvkBnBc=; b=hOUGImCJIWKvHmpiStTKHdOC+AVk1HDPqyOXT4zFqgxMbq9NJx3KDWWCCcJmEqM44h g/Vba6o6UZ+PYjWdZt4ONm3DcPtFSaXzBErbS5bFMPZBxoFVvISc51l5PAI1iFfB63m4 I1EiSuzs/414cYKESjCp3PFPKnneECg7q6UPC+yzryaIieJNQGNfCsKHxdoK421GY03m w3BN4dDaxIEWaBUGfjiP3F4oADpmcy+3OAu3RmhAlFAfL/A7uqjIRFdF9uu92EXAoL3Q XEYHDBBL3zZSvvkMvJBZ2OeQwiPbDbtrkWDIqLPflRtntD4kJYlUUrESSjUo3K+Dwmd4 3Fyw== X-Received: by 10.14.106.200 with SMTP id m48mr28295088eeg.17.1368098357852; Thu, 09 May 2013 04:19:17 -0700 (PDT) Received: from netbook (c83-90.i07-21.onvol.net. [92.251.83.90]) by mx.google.com with ESMTPSA id e2sm3485346eem.16.2013.05.09.04.19.15 for (version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 09 May 2013 04:19:16 -0700 (PDT) Received: by netbook (Postfix, from userid 1000) id 71E642E0619; Thu, 9 May 2013 13:19:14 +0200 (CEST) Received: by flare (hashcash-sendmail, from uid 1000); Thu, 9 May 2013 13:19:13 +0200 Date: Thu, 9 May 2013 13:19:13 +0200 From: Adam Back To: John Dillon Message-ID: <20130509111913.GA15870@netbook.cypherspace.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Hashcash: 1:20:130509:john.dillon892@googlemail.com::BzPmYpyQfs+jdoN/:00000000 0000000000000000000000000sej X-Hashcash: 1:20:130509:bitcoin-development@lists.sourceforge.net::q8TkaYVkYw84w mw6:000000000000000000002N9l X-Hashcash: 1:20:130509:adam@cypherspace.org::wawxfJ/CFJ52TOsH:00000000000000000 0000000000000000000000000s13 X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (adam.back[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1UaOse-0003J7-9M Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] An initial replace-by-fee implementation is now available X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 May 2013 11:19:28 -0000 In this thread discussing this idea https://bitcointalk.org/index.php?topic=179612.0 it is suggested that the approach risks making 0-confirm double-spends easier. I dont see why this should be. Cant part of the validation of accepting a fee revision be that every aspct of the revision except the reward must be unchanged, otherwise the revision is considered invalid and discarded? (ie same payment amount, same input coins, same recipient and same change address.) Adam On Thu, May 09, 2013 at 09:58:50AM +0000, John Dillon wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA256 > >After some consultation with affected sites by myself and Peter we have decided >to release an initial replace-by-fee implementation and setup a server using >those rules on testnet. This implementation does not include recursive fee >evaluation, and is therefore vulnerable to DoS attack, so hopefully that will >continue to allow adoption to proceed gradually. We can-not recommend mining on >mainnet with it. It does not include an "undo" RPC command or an adjust fees, >and Peter says he has not implemented one yet. Patches are welcome. > >Specifically there were requests from vulnerable parties, which interestingly >included a site that knew they had bugs related to replacement but not >financial vulnerabilities, to put up a server on testnet to check wallet code. >The vulnerable requested to remain undisclosed. An additional consideration was >the upcoming anti-dust rules which are yet another example of why zero-conf is >so much more dangerous to accept than single-conf. Two of the people contacting >us brought up that issue in fact. > >The code is on github: > > https://github.com/petertodd/bitcoin/tree/replace-by-fee > >and a replace-by-fee server operating on testnet is available at >testnet-replace-by-fee.bitcoin.petertodd.org To test you will need to use the >raw transaction API and manually create the replacement transaction. Do note >that your wallet will retain the existing one and no mechanism yet exists to >delete the old transaction from your wallet. Again, a certain amount of >"cludgyness" to this is intentional to discourage premature non-testing use. > > >Regarding the reward, I've decided Peter will collect the full amount even >though the work is not %100 complete (the mempool aspect) due to his concern >about staging an implementation properly, working with vulnerable sites, and >overall genuine interest in the actual issues at hand rather than the reward. >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.4.11 (GNU/Linux) > >iQEcBAEBCAAGBQJRi3LeAAoJEEWCsU4mNhiPwscH/2CI0d3h/3jix3iyz2I9I8Sz >6nbP8eA01l9kzG37cH1rFAbt7C+fL/nardV4U1qmiwC0MN7NPpX6BFn5eQ2PUKbu >41+AnjgWicB2tnCC07ngboQ1JCeZ+RTfATepuMxEdWFBsc8ZQXs0apWS01FT+TDq >J/a7QkhNfTaAQzXyqmLp0TQO7/Z7ysmCftOhtGbfvfhF2o23BuphQiRVA9IOoUuj >Fgb5wrfQqJ8TjvXRXAUQ7SUlzfN9BlPxMkTc6NhbcgIpuq1Kb43mLoDl3s2irH4A >GtjRtobV5Cfozm1r+8KPtIYEoQoj0PqTjO5YMwD/vTaRfNzdS4Tse5LQLGT6Jug= >=M1mj >-----END PGP SIGNATURE----- > >------------------------------------------------------------------------------ >Learn Graph Databases - Download FREE O'Reilly Book >"Graph Databases" is the definitive new guide to graph databases and >their applications. This 200-page book is written by three acclaimed >leaders in the field. The early access version is available now. >Download your free book today! http://p.sf.net/sfu/neotech_d2d_may >_______________________________________________ >Bitcoin-development mailing list >Bitcoin-development@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bitcoin-development