1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
Return-Path: <pete@petertodd.org>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 24C50C0037
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 20 Dec 2023 19:49:11 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp2.osuosl.org (Postfix) with ESMTP id DBD6140A74
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 20 Dec 2023 19:49:10 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org DBD6140A74
Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key,
unprotected) header.d=messagingengine.com header.i=@messagingengine.com
header.a=rsa-sha256 header.s=fm2 header.b=8++6EjvA
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id z1sNiEdZurba
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 20 Dec 2023 19:49:09 +0000 (UTC)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com
[66.111.4.28])
by smtp2.osuosl.org (Postfix) with ESMTPS id 0E0BE41767
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 20 Dec 2023 19:49:08 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 0E0BE41767
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
by mailout.nyi.internal (Postfix) with ESMTP id 17B895C05A2;
Wed, 20 Dec 2023 14:49:03 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
by compute3.internal (MEProxy); Wed, 20 Dec 2023 14:49:03 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-type:content-type:date:date
:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
:message-id:mime-version:references:reply-to:subject:subject:to
:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
fm2; t=1703101743; x=1703188143; bh=pL2gT2bmjxfbng5o2gYstIAh+hYh
1CDnkA1TB2XJqBo=; b=8++6EjvAfLxRmPO46QW0vjXD2xI2Jac6D9kjnnyGQ3Vv
oX0OCZ+mRfVrLqmhGShoON+XZ+gHf/5IdI4x2UxPwzM/ekC38PIs0MLwvEki1TkQ
ISv87pXSXm8Ge71YzSffDqDkRs4EWSHEc180Qw3EZTZndMx4OocbX5p2DMBTwBON
Wzv9b8W27H49uiBADpwNVkQatb0eaJjimixqQk8EnnvgtJxbML1DHWKv57w6r5Hh
fYd5iJMf588y5LiNuqq0msr+lY0B4+jY49lac8N/FF8ICCIklIvGJFmJ8qfy4Jmy
8gmbx8dnI/pT9PE1V/ffndVJMAqRmerkWi/K/ZwafQ==
X-ME-Sender: <xms:LkWDZcrO1jA9iC3pEUzaFhXjNVQP8VsV7hk3hZj4Yz3IPVh9ktiWCA>
<xme:LkWDZSqkbd-Q7GlIMzPmphoXfdgGNFKJnwwZN0TIS6jKGdeZ2pJg2gD2xahimPLRS
h47cfbZcLkIScc6Ox0>
X-ME-Received: <xmr:LkWDZRP6RF2kI-5r42BByeoftzTRpKkd_-KRNuisMl77ROvR9gfDb0yXNQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdduvddgudeftdcutefuodetggdotefrod
ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
enucfjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvght
vghrucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrth
htvghrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefh
jedtnecuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuih
iivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggu
rdhorhhg
X-ME-Proxy: <xmx:LkWDZT74cvc0xvM6eugMHR2Vw_Kx2Csqw4lKBA23xNsWvi3g9wVdHg>
<xmx:LkWDZb4qZ4D_T7Ex_sU06lrjFZx28JGYbDoOaSppZpPNnlOk174Jsg>
<xmx:LkWDZTiDYgjH7aaR1RD1lQTu14HvGQXJ5YvDrKdSzxZibg8oXOMGGQ>
<xmx:L0WDZdkX8-hT9HzYO_2LekehKJmc3rXCKNf_i3uJSb9xX1rGWNmyjw>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed,
20 Dec 2023 14:49:02 -0500 (EST)
Received: by localhost (Postfix, from userid 1000)
id 9B97B5F84E; Wed, 20 Dec 2023 19:48:59 +0000 (UTC)
Date: Wed, 20 Dec 2023 19:48:59 +0000
From: Peter Todd <pete@petertodd.org>
To: Gloria Zhao <gloriajzhao@gmail.com>
Message-ID: <ZYNFK5V5e9PnT9eL@petertodd.org>
References: <ZYMhEJ3y11tnDOAx@petertodd.org>
<CAFXO6=KS05So_5FizLJxCLEPwBxNPV9Wrgi=9sjzmrZ+PLpLOQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="eHvNDj2GtvZ+LdUw"
Content-Disposition: inline
In-Reply-To: <CAFXO6=KS05So_5FizLJxCLEPwBxNPV9Wrgi=9sjzmrZ+PLpLOQ@mail.gmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] V3 Transactions are still vulnerable to
significant tx pinning griefing attacks
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Dec 2023 19:49:11 -0000
--eHvNDj2GtvZ+LdUw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Dec 20, 2023 at 07:13:22PM +0000, Gloria Zhao wrote:
> The "damage" of the pin can quantified by the extra fees Alice has to pay.
>=20
> For a v3 transaction, Mallory can attach 1000vB at 80sat/vB. This can
> increase the cost of replacement to 80,000sat.
> For a non-v3 transaction, Mallory can attach (101KvB - N) before maxing o=
ut
> the descendant limit.
> Rule #4 is pretty negligible here, but since you've already specified
> Alice's child as 152vB, she'll need to pay Rule #3 + 152sats for a
> replacement.
>=20
> Let's say N is 1000vB. AFAIK commitment transactions aren't usually small=
er
> than this:
You make a good point that the commitment transaction also needs to be incl=
uded
in my calculations. But you are incorrect about the size of them.
With taproot and ephemeral anchors, a typical commitment transaction would =
have
a single-sig input (musig), two taproot outputs, and an ephemeral anchor
output. Such a transaction is only 162vB, much less than 1000vB.
In my experience, only a minority of commitment transactions that get mined
have HTLCs outstanding; even if there is an HTLC outstanding, that only get=
s us
up to 206vB.
> > Mallory can improve the efficiency of his griefing attack by attacking
> multiple
> > targets at once. Assuming Mallory uses 1 taproot input and 1 taproot
> output for
> > his own funds, he can spend 21 ephemeral anchors in a single 1000vB
> > transaction.
>=20
> Note that v3 does not allow more than 1 unconfirmed parent per tx.
Ah, pity, I had misremembered that restriction as being removed, as that is=
a
potentially significant improvement in scenarios where you need to do things
like deal with a bunch of force closes at once.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--eHvNDj2GtvZ+LdUw
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmWDRSkACgkQLly11TVR
LzenvBAAlZo/mBduMLIqCcUC0ryGerwPgSVfT6oOWh5La0XVwIjnQTPqxK6pR+x6
WNenlGlWtrPx4Prl+pgsSeCrzL/VNw8bpVjT3AotkQ4yB0ln63yG1sgysLGQ2KdF
3W+fNiQMLijgz06L7MVf72qBtpYa3swt9zWQgdMVTpc8La5CnWXbBIRbe2joRtTK
eO3aakFWMr+2HDC6/CrhmA+SdytRLSC1vhEJoamRMfF8wdnkcGULq1oQhqDEYCcf
DQapf6dYPVVxvmINnrCK+nXeRMcr0amJH0q94H821Njtohp4f2hQbcAKh8/FxZ5d
13clUl2UzChdIp96ACdzO26RpOcv7fTYTdXuLEJmOv4mNWxnfD7AkoEteZ0wy/bX
ZEtzS5r53pTbgvFS5PtGsT1qpzmIqqTwl6LATDB046F4creumV8+l5NWnPJMz3vh
X4o7MnC7SnkRLIyhTcd27GYhukCEvX1MCWeSIVGQopkHld/dWT1LpLpxDVfIWaKM
5ZcA2tL8nHOY5Y2L9Z75xikpR18nv2KTaGTjuk8fudKV0KTPKhgK3LFhd1Ikfkwe
z81Zj10nCWHbJkre+GTCcpdA0w83R0stA/hMXe22LY4/y8d0odvBfhwCtEW+4vpe
/cAFwguQHzQyKER9jXwkZg29lo88Dm++1Zq2KJeGL1J3d7PXUsw=
=WdHc
-----END PGP SIGNATURE-----
--eHvNDj2GtvZ+LdUw--
|