1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <natanael.l@gmail.com>) id 1YPWbX-0002JT-NU
for bitcoin-development@lists.sourceforge.net;
Sun, 22 Feb 2015 13:29:51 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 74.125.82.169 as permitted sender)
client-ip=74.125.82.169; envelope-from=natanael.l@gmail.com;
helo=mail-we0-f169.google.com;
Received: from mail-we0-f169.google.com ([74.125.82.169])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1YPWbW-0002Rw-NJ
for bitcoin-development@lists.sourceforge.net;
Sun, 22 Feb 2015 13:29:51 +0000
Received: by wesq59 with SMTP id q59so13480438wes.1
for <bitcoin-development@lists.sourceforge.net>;
Sun, 22 Feb 2015 05:29:44 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.180.198.44 with SMTP id iz12mr11608188wic.36.1424611784737;
Sun, 22 Feb 2015 05:29:44 -0800 (PST)
Received: by 10.194.28.170 with HTTP; Sun, 22 Feb 2015 05:29:44 -0800 (PST)
Received: by 10.194.28.170 with HTTP; Sun, 22 Feb 2015 05:29:44 -0800 (PST)
In-Reply-To: <20150222123428.GA6570@savin.petertodd.org>
References: <CALqxMTGBVdMX2RkuXNhkJ38XRM6DgAj+OmQTfHWuVF=emD-06Q@mail.gmail.com>
<20150222123428.GA6570@savin.petertodd.org>
Date: Sun, 22 Feb 2015 14:29:44 +0100
Message-ID: <CAAt2M18fPgYOsfdebmU1Tk6ATnndPBn0k2PN-4fUJs1iTBTqnQ@mail.gmail.com>
From: Natanael <natanael.l@gmail.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=047d7b624dfe5f4ad0050fad474d
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(natanael.l[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YPWbW-0002Rw-NJ
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] alternate proposal opt-in miner takes
double-spend (Re: replace-by-fee v0.10.0rc4)
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 22 Feb 2015 13:29:51 -0000
--047d7b624dfe5f4ad0050fad474d
Content-Type: text/plain; charset=UTF-8
Den 22 feb 2015 13:36 skrev "Peter Todd" <pete@petertodd.org>:
> Implementing it as a general purpose scripting language improvement has
> a lot of advantages, not least of which is that you no longer need to
> rely entirely on inherently unreliable P2P networking: Promise to never
> create two signatures for a specific BIP32 root pubkey and make
> violating that promise destroy and/or reallocate a fidelity bond whose
> value is locked until some time into the future. Since the fidelity bond
> is a separate pool of funds, detection of the double-spend can happen
> later.
Somebody sent me a zero-confirmation transaction, or one that got orphaned
after one block. I created a transaction spending that UTXO, and another.
So at that point I have UTXO_orphaned based on the sender's UTXO_origin and
my UTXO_old (because I've had it unspent for a long time), both in one
transaction, creating UTXO_new.
Now he doublespend UTXO_origin to create a UTXO_doublespend (which
conflicts with UTXO_orphaned). He conspires with a miner to get it into a
block.
Now what? Can my UTXO_old effectively be tainted forever because UTXO_new
got invalidated together with UTXO_orphaned? Will that transaction be a
valid proof of doublespend against a new UTXO_replacement I created?
Or otherwise, if only transactions where all UTXO's are currently valid
works as doublespend proofs, aren't you still just left without protection
against any one miner that conspires with doublespend attempting thieves?
In other words, you are unprotected and potentially at greater risk if you
create a transaction depending on another zero-confirmation transaction.
--047d7b624dfe5f4ad0050fad474d
Content-Type: text/html; charset=UTF-8
<p dir="ltr"><br>
Den 22 feb 2015 13:36 skrev "Peter Todd" <<a href="mailto:pete@petertodd.org">pete@petertodd.org</a>>:<br>
> Implementing it as a general purpose scripting language improvement has<br>
> a lot of advantages, not least of which is that you no longer need to<br>
> rely entirely on inherently unreliable P2P networking: Promise to never<br>
> create two signatures for a specific BIP32 root pubkey and make<br>
> violating that promise destroy and/or reallocate a fidelity bond whose<br>
> value is locked until some time into the future. Since the fidelity bond<br>
> is a separate pool of funds, detection of the double-spend can happen<br>
> later.</p>
<p dir="ltr">Somebody sent me a zero-confirmation transaction, or one that got orphaned after one block. I created a transaction spending that UTXO, and another. </p>
<p dir="ltr">So at that point I have UTXO_orphaned based on the sender's UTXO_origin and my UTXO_old (because I've had it unspent for a long time), both in one transaction, creating UTXO_new. </p>
<p dir="ltr">Now he doublespend UTXO_origin to create a UTXO_doublespend (which conflicts with UTXO_orphaned). He conspires with a miner to get it into a block. </p>
<p dir="ltr">Now what? Can my UTXO_old effectively be tainted forever because UTXO_new got invalidated together with UTXO_orphaned? Will that transaction be a valid proof of doublespend against a new UTXO_replacement I created? </p>
<p dir="ltr">Or otherwise, if only transactions where all UTXO's are currently valid works as doublespend proofs, aren't you still just left without protection against any one miner that conspires with doublespend attempting thieves? </p>
<p dir="ltr">In other words, you are unprotected and potentially at greater risk if you create a transaction depending on another zero-confirmation transaction. </p>
--047d7b624dfe5f4ad0050fad474d--
|
