1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
|
Return-Path: <gsanders87@gmail.com>
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
by lists.linuxfoundation.org (Postfix) with ESMTP id 9E65BC002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 27 Jun 2022 12:03:53 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp1.osuosl.org (Postfix) with ESMTP id 7958C82897
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 27 Jun 2022 12:03:53 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 7958C82897
Authentication-Results: smtp1.osuosl.org;
dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
header.a=rsa-sha256 header.s=20210112 header.b=YM+W9EaV
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from smtp1.osuosl.org ([127.0.0.1])
by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id WRUCRVHy9fMB
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 27 Jun 2022 12:03:51 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 52E4B82893
Received: from mail-yw1-x1134.google.com (mail-yw1-x1134.google.com
[IPv6:2607:f8b0:4864:20::1134])
by smtp1.osuosl.org (Postfix) with ESMTPS id 52E4B82893
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 27 Jun 2022 12:03:51 +0000 (UTC)
Received: by mail-yw1-x1134.google.com with SMTP id
00721157ae682-318889e6a2cso82882357b3.1
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 27 Jun 2022 05:03:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=mime-version:references:in-reply-to:from:date:message-id:subject:to
:cc; bh=vzJ3OthDUh/oKtdkbvGGTCYYksP9QDDG05nbIQcgOUI=;
b=YM+W9EaVXJSjs4Vnvz7rx9zMPB3hL6degSmXlQriKXlGAbcj3rs3aAFx9qFI3tTzmH
vwW5pPz1wC9gw2pbME2NUDeybBsIkGwwfMd5agrkVetjDTjIYs6PS5kUdMltzmhbTFkN
inmU/kOi3duVGYw7IdSq52vhE8tqgrdUhJaRP7CEjzGQ6rmCdXjKyPbF+kitLtrM3hEx
XvtBNAWHOB0741ebF6R+NCgGvGuWF+PSVeMNViASgO4nUdT2Cmb4IIvYSUNrhMbdhXfC
sHc5/91IHDZjd81Y95biSGv462t5gdwplnrcNtDqmXNQMhtii7rKp7GSNujXt6qx7WC1
/dRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to:cc;
bh=vzJ3OthDUh/oKtdkbvGGTCYYksP9QDDG05nbIQcgOUI=;
b=JrNaZcxuLOk9LKG7XdEJZyICzKdSXYHCsLb8vG3Xd+q5n+nwjh1ouQpNIi03KD3Hzd
h63sY8D9NZMkzsDzPUOfbtll/IuL2uGW+M3UHow9KhuK9fTNHiB8driMcQihV7dCP82y
zJQquXDPTu0Od59V8R07ev9gi3cetKF9jNSGjrXqs69Lf9ZGKPRybbBl+2dnbV28KEEh
g53zHg1sqfxSw5qffJDyWHW8bmKJ3uCG121B9BKOIYLAFVRptPSBiYBBNGV7NLwhdd+s
5g4/1VtxNGsvOSqgfDWIu3OBlw30QqOVWkwIJRuT34IaRNk3CUqKlmYWvtRStpLE+WYC
GS4w==
X-Gm-Message-State: AJIora/EFG6koOnrBTtNxJ12gPX5vfFdcpYO0poWhQyCSIkKIQ9MZzi2
uJvzACX8ZI0yEBbiqJSiNngdowTt9uohk0R0x84c9PYj
X-Google-Smtp-Source: AGRyM1tA3fqj23zs2RUYKl/6LZMhb5LHdUrwkYIipVFZjIPpz+pVt5q6TJFtlUw1svWiMHWUPElJ/qtFJpLd42I0MWE=
X-Received: by 2002:a81:1397:0:b0:317:86c9:4472 with SMTP id
145-20020a811397000000b0031786c94472mr14902123ywt.466.1656331430203; Mon, 27
Jun 2022 05:03:50 -0700 (PDT)
MIME-Version: 1.0
References: <CALZpt+GOh-7weEypT9JrzcwthZJqHOfj7sf9FMuqi5_FZv0g7w@mail.gmail.com>
<gmDNbfrrvaZL4akV2DFwCuKrls9SScQjqxeRoEorEiYlv24dPt1j583iOtcB2lFrxZc59N3kp7T9KIM4ycl4QOmGBfDOUmO-BVHsttvtvDc=@protonmail.com>
<CALZpt+FJ-R9yCoMLP=Vcxk1U7n=-LKHUGctFZj0K-vTMsz==ew@mail.gmail.com>
<RJEFmrnjbzKQCBr4L7ebwBLzg7QHGXlaE19zj6jfkxL6xjfodgbfssZBQSYxm783Y4X5awuhL9Gj8IaBc4npE2oh3d1xoudKTrSsJ-dk0VQ=@protonmail.com>
<CALZpt+HXB=xh3qtxJFM7yUzRu1uj-pPtLQmT=5QV0dNfVuTpfQ@mail.gmail.com>
<Pb8H4PbeS-RaNOKfekOPdY8gQo4_Syd3HoTK26AO872f7tCKyGnty56KtcvmvrXFOJdC7nQgNHoQ37M4MNXQ6vqQ9du6BFbvGLbY3BdYVpY=@protonmail.com>
<Yrj9N7k8osWsxhY4@petertodd.org>
In-Reply-To: <Yrj9N7k8osWsxhY4@petertodd.org>
From: Greg Sanders <gsanders87@gmail.com>
Date: Mon, 27 Jun 2022 08:03:38 -0400
Message-ID: <CAB3F3DtwX=nkcYPDHxFygEMZafhD3m+XuKc+BKuhwFs0J4VNUA@mail.gmail.com>
To: Peter Todd <pete@petertodd.org>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="00000000000087152e05e26cb6fe"
Subject: Re: [bitcoin-dev] Playing with full-rbf peers for fun and L2s
security
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jun 2022 12:03:53 -0000
--00000000000087152e05e26cb6fe
Content-Type: text/plain; charset="UTF-8"
One key difference seems to be that properly punishing someone based on
mempool behavior seems much more difficult. As we all know there is no "the
mempool".
On Sun, Jun 26, 2022, 8:43 PM Peter Todd via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> On Sun, Jun 26, 2022 at 04:40:24PM +0000, alicexbt via bitcoin-dev wrote:
> > Hi Antoine,
> >
> > Thanks for sharing the DoS attack example with alternatives.
> >
> > > - Caroll broadcasts a double-spend of her own input C, the
> double-spend is attached with a low-fee (1sat/vb) and it does _not_ signal
> opt-in RBF
> > > - Alice broadcasts the multi-party transaction, it is rejected by the
> network mempools because Alice double-spend is already present
> >
> > I think this affects almost all types of coinjoin transaction including
> coordinator based implementations. I tried a few things and have already
> reported details for an example DoS attack to one of the team but there is
> no response yet.
> >
> > It was fun playing with RBF, DoS and Coinjoin. Affected projects should
> share their opinion about full-rbf as it seems it might improve things.
> >
> > Example:
> >
> > In Wasabi an attacker can broadcast a transaction spending input used in
> coinjoin after sending signature in the round. This would result in a
> coinjoin tx which never gets relayed:
> https://nitter.net/1440000bytes/status/1540727534093905920
>
> Note that Wasabi already has a DoS attack vector in that a participant can
> stop
> participating after the first phase of the round, with the result that the
> coinjoin fails. Wasabi mitigates that by punishing participating in future
> rounds. Double-spends only create additional types of DoS attack that need
> to
> be detected and punished as well - they don't create a fundamentally new
> vulerability.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
--00000000000087152e05e26cb6fe
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"auto">One key difference seems to be that properly punishing so=
meone based on mempool behavior seems much more difficult. As we all know t=
here is no "the mempool".=C2=A0<div dir=3D"auto"><br></div><div d=
ir=3D"auto"><br></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr"=
class=3D"gmail_attr">On Sun, Jun 26, 2022, 8:43 PM Peter Todd via bitcoin-=
dev <<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"=
_blank" rel=3D"noreferrer">bitcoin-dev@lists.linuxfoundation.org</a>> wr=
ote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;=
border-left:1px #ccc solid;padding-left:1ex">On Sun, Jun 26, 2022 at 04:40:=
24PM +0000, alicexbt via bitcoin-dev wrote:<br>
> Hi Antoine,<br>
> <br>
> Thanks for sharing the DoS attack example with alternatives.<br>
> <br>
> > - Caroll broadcasts a double-spend of her own input C, the double=
-spend is attached with a low-fee (1sat/vb) and it does _not_ signal opt-in=
RBF<br>
> > - Alice broadcasts the multi-party transaction, it is rejected by=
the network mempools because Alice double-spend is already present<br>
> <br>
> I think this affects almost all types of coinjoin transaction includin=
g coordinator based implementations. I tried a few things and have already =
reported details for an example DoS attack to one of the team but there is =
no response yet.<br>
> <br>
> It was fun playing with RBF, DoS and Coinjoin. Affected projects shoul=
d share their opinion about full-rbf as it seems it might improve things.<b=
r>
> <br>
> Example:<br>
> <br>
> In Wasabi an attacker can broadcast a transaction spending input used =
in coinjoin after sending signature in the round. This would result in a co=
injoin tx which never gets relayed: <a href=3D"https://nitter.net/1440000by=
tes/status/1540727534093905920" rel=3D"noreferrer noreferrer noreferrer" ta=
rget=3D"_blank">https://nitter.net/1440000bytes/status/1540727534093905920<=
/a><br>
<br>
Note that Wasabi already has a DoS attack vector in that a participant can =
stop<br>
participating after the first phase of the round, with the result that the<=
br>
coinjoin fails. Wasabi mitigates that by punishing participating in future<=
br>
rounds. Double-spends only create additional types of DoS attack that need =
to<br>
be detected and punished as well - they don't create a fundamentally ne=
w<br>
vulerability.<br>
<br>
-- <br>
<a href=3D"https://petertodd.org" rel=3D"noreferrer noreferrer noreferrer" =
target=3D"_blank">https://petertodd.org</a> 'peter'[:-1]@<a href=3D=
"http://petertodd.org" rel=3D"noreferrer noreferrer noreferrer" target=3D"_=
blank">petertodd.org</a><br>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" rel=3D"noreferrer =
noreferrer" target=3D"_blank">bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer noreferrer noreferrer" target=3D"_blank">https://lists.li=
nuxfoundation.org/mailman/listinfo/bitcoin-dev</a><br>
</blockquote></div>
--00000000000087152e05e26cb6fe--
|
