Return-Path: <user@petertodd.org>
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
 by lists.linuxfoundation.org (Postfix) with ESMTP id A0696C002D
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Sat,  6 Aug 2022 15:48:09 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp1.osuosl.org (Postfix) with ESMTP id 4D4EF82AC3
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Sat,  6 Aug 2022 15:48:09 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 4D4EF82AC3
Authentication-Results: smtp1.osuosl.org;
 dkim=pass (2048-bit key, unprotected) header.d=petertodd.org
 header.i=@petertodd.org header.a=rsa-sha256 header.s=fm2 header.b=W2cuSyE1; 
 dkim=pass (2048-bit key,
 unprotected) header.d=messagingengine.com header.i=@messagingengine.com
 header.a=rsa-sha256 header.s=fm1 header.b=WxPgHOLo
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -1.462
X-Spam-Level: 
X-Spam-Status: No, score=-1.462 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DATE_IN_PAST_24_48=1.34, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 7pkhPKR1Zjq6
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Sat,  6 Aug 2022 15:48:08 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 26BE6828F2
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com
 [64.147.123.25])
 by smtp1.osuosl.org (Postfix) with ESMTPS id 26BE6828F2
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Sat,  6 Aug 2022 15:48:08 +0000 (UTC)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.west.internal (Postfix) with ESMTP id 48BB532003CE;
 Sat,  6 Aug 2022 11:48:04 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Sat, 06 Aug 2022 11:48:04 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=petertodd.org;
 h=cc:content-type:date:date:from:from:in-reply-to:in-reply-to
 :message-id:mime-version:references:reply-to:sender:subject
 :subject:to:to; s=fm2; t=1659800883; x=1659887283; bh=9cBIqasbe/
 ffOnuy8dPZHKgrRqXzRE/IXsHry0laKdI=; b=W2cuSyE19UAbOCc3Xi794wD/sy
 9Sn35E4/uyJR1kBHmH2DnU604B4YcNrBKooh62SrXvlVq3PW4NMQkuF+N+xPBagm
 8/LDuZo1+nc0mTsyg6vzuEUJmDwEFB5EcDr9CDRgcpEKH5QZDzE27mGfcIALTpIh
 MXAEhliV+qiIf6cmrAHLJiYevKjea+pax9RARVNCKyUqtz2vkv97QzQuvMS1812n
 /oM8zjuLYPZhun/vDDIlnRLh29LaFMxjTNYcgFr4wtfBAnb62fxMmefOBXE+XKlP
 XMzGttUKM3SMwz7raRWbGkk5QXj5NkAt6RKcUQZN8vlBux2v+jKcyBFFV7XQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:date:feedback-id
 :feedback-id:from:from:in-reply-to:in-reply-to:message-id
 :mime-version:references:reply-to:sender:subject:subject:to:to
 :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
 fm1; t=1659800883; x=1659887283; bh=9cBIqasbe/ffOnuy8dPZHKgrRqXz
 RE/IXsHry0laKdI=; b=WxPgHOLorhH1bDAIw3ZsBLLOjFkTu58/tputE4mwS5kY
 vj+80/UOs6tQ0skfyBjKFWUJx4JDs9EEhud4NKQZXnBVQEpywtaYbph7q0x5lZjl
 UCqvARdGEFynDHNPuFFCKv03z7t56fFS8VkoFgNB4sZDHO5gdfNhcHpkjKIkGIxB
 JDomlqleSXTfPdRpjXqOiwcz6ofUJmeM5bRkc7OUpZeFsMn+y2QsI+ZTlyNcAOPh
 +Irb1nBE7bbUVPUSbGwXfG799qLRDimsQR7vq3xW0cKVW0iwCHa4N1kcznhe9Qbm
 xpvQd6rPqK1Krg6CNoOKwbJC7dthE06w5z8Vgyu0uw==
X-ME-Sender: <xms:M43uYpkktoTpP78C1sZQCxHCoN8fXGW0h5PdsbATRPPKFx4ZqWo9vg>
 <xme:M43uYk0ncdmVU1OTrEH2KrkfyEgpHPmF35oFOqSvJ1PSX9PGIaHF3IIyX_Rjbhfs7
 04YnvYmqTmPpdjGXZE>
X-ME-Received: <xmr:M43uYvpB2TY9hWvov0C1wKHwuTP6sbhNN11ly0STupCNVT2BeBs11OOw0fU>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdeffedgleehucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjsehgtderredttdejnecuhfhrohhmpefrvghtvghr
 ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg
 hrnhepjeekueehkeffteefffdtgeejkeetieevheeiueeggfeukeegveeuveehgfehtdek
 necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg
 eptdenucfrrghrrghmpehmrghilhhfrhhomhepuhhsvghrsehpvghtvghrthhouggurdho
 rhhg
X-ME-Proxy: <xmx:M43uYpkfI2-cjq7fu2qG0pugkCwVF4zEqyd_1SjHYI-TyAeZtpOR9g>
 <xmx:M43uYn2up-vaFPXwV91iRZkaQEIk4__Zex2l1JA7yzQVTz-XRZbMNg>
 <xmx:M43uYos1TL9UH4T2oqtRwoKy4cbMmLWNRzXJvjdCKNjQBB3lzaelsw>
 <xmx:M43uYk_kavk0F571zJQKWLpe-a3KTwDyL_r-cQeIm9fZfw6iGwiUSw>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
 6 Aug 2022 11:48:03 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
 id 371F85F848; Thu,  4 Aug 2022 14:06:34 -0400 (EDT)
Date: Thu, 4 Aug 2022 14:06:34 -0400
From: Peter Todd <pete@petertodd.org>
To: Michael Folkson <michaelfolkson@protonmail.com>,
 Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Message-ID: <YuwKqnfj0MyXhbE6@petertodd.org>
References: <zl3fWujFF4mSjfXz_d1gA73ALTnN_LaaGKyidRR6azX9toY2-j7cUkfVcU1ggIhJ0cjK9oA4q1jF5mDob6bdlDp4yaWHZKxxev-zjUQBqTk=@protonmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="IJwBPXtQQ3L997rR"
Content-Disposition: inline
In-Reply-To: <zl3fWujFF4mSjfXz_d1gA73ALTnN_LaaGKyidRR6azX9toY2-j7cUkfVcU1ggIhJ0cjK9oA4q1jF5mDob6bdlDp4yaWHZKxxev-zjUQBqTk=@protonmail.com>
Subject: Re: [bitcoin-dev] RBF rules,
 setting policy defaults in Bitcoin Core and the role of BIPs
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Aug 2022 15:48:09 -0000


--IJwBPXtQQ3L997rR
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 04, 2022 at 02:54:54PM +0000, Michael Folkson via bitcoin-dev w=
rote:
> A short history of RBF and BIP125
>=20
> The history of BIP125 is as far as I=E2=80=99m aware this. RBF rules were=
 merged into Bitcoin Core in November 2015 [0]. Following that merge David =
Harding and Peter Todd drafted a BIP (BIP125 [1]) outlining the RBF rules t=
hat had been implemented in Bitcoin Core. The rationales for the rules in t=
he BIP was a bit lacking (in my opinion) but recall this is 2015 (7 years a=
go!) when L2 protocols were in their infancy. Certainly the research on the=
 security of L2 protocols has come a long way since and we have a much bett=
er idea of some of the possible attacks on L2 protocols that to some extent=
 are impacted by policy rules.
>=20
> In addition it was discovered [2] in May 2021 that the Bitcoin Core imple=
mentation of the RBF rules had never matched the RBF rules outlined in BIP1=
25. Clearly this isn=E2=80=99t ideal but mistakes happen and will continue =
to happen. I certainly do not intend any criticism whatsoever to any of the=
 individuals involved. Thankfully this discrepancy doesn=E2=80=99t seem to =
have resulted in any loss of funds or disruption. However, cross checking a=
 specification with an implementation presumably led to the discovery and a=
llowed for a post mortem on why the implementation didn=E2=80=99t match the=
 specification.
>=20
> There seems to be two views on what to do next given that the RBF rules n=
eed to be updated. One is to ditch the idea of a specification for RBF rule=
s and just document them in the Core repo instead. The other is to have a n=
ew specification for the RBF rules in Core and attempt to correct the mista=
kes made with BIP125 by having a BIP that does correctly outline the RBF ru=
les implemented in Core and includes detailed rationales for why those RBF =
rules have been implemented.
>=20
> Should anyone care about where things are documented?

They really shouldn't.

The nature of L2 punishment protocols is that transaction relay schemes are
additive security: every different way that a punishment tx could get broad=
cast
and mined is a different way that the punishment scheme could succeed. We
should be thinking about how to add diversity and robustness to this in the
form of different schemes, rather than trying to specify exactly how we exp=
ect
these txs to be broadcast. In particular, you have to accept that different
schemes will exist, and an adversary could use those schems.

For the near-term, an important part of this is to get package relay and
package replacements implemented, to avoid edge-cases in multiple-tx scheme=
s.
It'd also be good to specify something entirely different, like a hashcase
based broadcast scheme.

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--IJwBPXtQQ3L997rR
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmLsCqUACgkQLly11TVR
LzejCg//biIjXTUZmAyak5wdo7sOGke6bi7PADdOIlv8QYBGTt+03fIwhPwDbBP8
mNAouT60UmTkjQMSAMBmJn9taKwjQ6Nvs0HMh9lNOJFgj/wzv3HXQMjrUiOR4jG7
BG5BTxYcjHChWBYO1WAPqh3hkU3ra1a30bLkUnn7685yOyDlUM6tKhDm53xeojP7
7HTA3f6sb/EIQ/LvihSHIpyCsH0uCI4XF12zxLwElwxALky8SeKYt8Y4iIPLsWck
LSEU7NKdUfRu5Ecbdyq9Y4bSn4HmuKQcf0X+axj9AXqjmP/Zv1+G1Y5LfB/WR2kK
Eoo5TETff72Wj7s1nU2w4brfa273aU1XU4R0NE6PxM5JGb7/c0vLrFAnr4kQ001i
FOtdvxEMI1Bk5FGx1qNrOAQK9PNDnWdF8U77MhdeqZ/ZaojURMETGpWS3DcfF7V8
ArneZGdkJrorXvQME0gu/S/qFkD7yB3hleK2WrcaoL/gjVl85AhmpK55hvlGnMsX
3Uf1KJ2idJbwQuXP7CZiz/idnhjczqtYf33h5lFbm0pTX2FaNTTelOuOeFTFgZEQ
kbvabBOs3E2exU47giqhHqw3RbIptg0qA6mO8i7lEgk6FP3kKQcTBu1sy7Oe5C74
n/cUC7WId3xdFwqO4xoMTmQm4/JSsrmnZP50rBAcbdJ9xN1Ovvo=
=AHS+
-----END PGP SIGNATURE-----

--IJwBPXtQQ3L997rR--