1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
Return-Path: <keatonatron@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id BFC7FF16
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Jan 2019 20:58:32 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm1-f54.google.com (mail-wm1-f54.google.com
[209.85.128.54])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 031653F7
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Jan 2019 20:58:31 +0000 (UTC)
Received: by mail-wm1-f54.google.com with SMTP id d15so303102wmb.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Jan 2019 12:58:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:references:in-reply-to:from:date:message-id:subject:to
:cc; bh=f+mneEs77bjs/U4x+sHhvPg7QPHRTlDbNNyLBcVx5NQ=;
b=giltNvNA0E4hlNFWx+yrhXLxjVX3rctP+icrIraRkE0nxPeVZws/N/vrXHe5AfbuRm
lWvAmXsyvY8dbpDdTsLg4Lz8cll9UlODFNsQXxz3MbaV9Mxea26rKgF7Pg/DBC/grMaw
I9Rx/5uiw8WX9b1jc+KB6J2gKUdpCTSGOPXqGY2SLwO6adTxXRdTRhyr4MmgrKhvaIem
yDVmWWTzRWOx+fX9O9GiEjZf9efsf662n8b8JgLB0ybvxbPmj7DhaQOHaYc66od9/gC+
3/i2d46LyQAZluzQbodSSHcWiHv/kgZLDmSfyZiXx8kIvNQTHZ8QtBobzeIGVEKA4Wr/
dYEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to:cc;
bh=f+mneEs77bjs/U4x+sHhvPg7QPHRTlDbNNyLBcVx5NQ=;
b=FDgyVodV4mv/Fziu/8RmPq33z6cTlzyWWVpGmijOQsgiuey0JqT5jxJaR45XWvo9rZ
QeSwLMePxdAU7z0gE74CUTgcahxysTZJWZXrmjkWVbV5qVs/szNyXJKih25/WunL0wzt
c3rRDBulvT5lMFefUXksVpn2LOJRcMkY0Bh+CjD/QCAWhuWo80ryHzIuTJWsRLm8QnVc
6p8aetGX4Xv6MGtW4H9U2iIvi8v42M6ovheCNFvfNO3MpSw+GbYg1qc8AaygbEsnPH1R
mIn+RJWDpaDX/wNVsgEjrt94bUyVccL5m07h/Bs7O/eKDmxwXE5K/fenp7tZXPOV8K6E
1cNw==
X-Gm-Message-State: AJcUukdjmGTFQ5nCC0vi+rj5D8BLQQj6PA6ydsV5qJho+yZzyQBqK5Iy
etrTJ61rpGrllT9xahJt9xoiG3/FdwzBCT9cpvs=
X-Google-Smtp-Source: ALg8bN6tJxefGNrshBZnnP8IvxGRRViy1FH9VHAskoyUG3RFRBocU+J4ZBM8LgIW2ZG1QKAqGxdLypqAykksF4WSWyY=
X-Received: by 2002:a1c:8b44:: with SMTP id n65mr27873433wmd.104.1548881910313;
Wed, 30 Jan 2019 12:58:30 -0800 (PST)
MIME-Version: 1.0
References: <TtjH2zicjKr8PBVCMOvA7ryt2z_XXvtrpC4y1wuWSxexNwMdbPGE7vPmu6UnzmfYqYBMxZ8NNoz4VUnODdIcjR4j-E1sYz_FA6ZZMjKHtuM=@protonmail.com>
<e15c5dd7-6fe1-b253-e129-aeae6493acd1@gmail.com>
<-yZhdFkKfKAEz1_4GKKSpTxjvR8EDSsH_5-TTh_4X5qwa79igXKR14rh6JASrald-F97o1htWY_kcBQ7IVr7ZH9zOQlOEwzhkWDjTq0d7F4=@protonmail.com>
<2cd4fe6d-c0ca-5ae7-4107-38e1609743a8@gmail.com>
<CAH+Axy7SJhTskrTX_i+Nc+HMtcNXhOFuGi11X=EjFEfBW=H06A@mail.gmail.com>
<MN5bgFMThBJ_6HiuX-aC9lAp7ainm0vhzOFMYefU-Z2QI26RUE7EmW0xTgvnxArriD-lQUTaB_wBZyKga1po6hquh1fVH5N_5wuLVIEIBfQ=@protonmail.com>
<CAH+Axy68O76GjjKtdzwOQBS0bQauoPXJEYnrztSfYzVNDSbcNw@mail.gmail.com>
<rw6S6-g_a3GdPaJ1pspzBCAVxromSSYzw_jQhgsZ9VmWPLxfMG-DB_ne2VhMvAkpppbc20mwXXyYjUmy1ifVHHfDXGUTnZdI87omk8T6gV4=@protonmail.com>
In-Reply-To: <rw6S6-g_a3GdPaJ1pspzBCAVxromSSYzw_jQhgsZ9VmWPLxfMG-DB_ne2VhMvAkpppbc20mwXXyYjUmy1ifVHHfDXGUTnZdI87omk8T6gV4=@protonmail.com>
From: James MacWhyte <keatonatron@gmail.com>
Date: Wed, 30 Jan 2019 12:58:03 -0800
Message-ID: <CAH+Axy77+OTZ12=FFhrdg-1xznKjVQUT58mP6yjVbt7sWtgA7g@mail.gmail.com>
To: rhavar@protonmail.com
Content-Type: multipart/alternative; boundary="0000000000001038d60580b32c9e"
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 31 Jan 2019 17:00:54 +0000
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] bustapay BIP :: a practical sender/receiver
coinjoin protocol
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Jan 2019 20:58:32 -0000
--0000000000001038d60580b32c9e
Content-Type: text/plain; charset="UTF-8"
On Tue, Jan 29, 2019 at 6:46 PM <rhavar@protonmail.com> wrote:
>
> If the sender refuses to sign the final transaction, the receiver just
> propagates the template transaction which pays the receiver! So it's a
> pretty weak attack.
>
> The only real attack is that the sender could double-spend the
> template-transaction before it's propagated, but the cost of doing this
> isn't free, as at the very least you need to pay the transaction fees of
> creating a double spend. It's not an amazingly good defence, but it's good
> enough that it's unlikely to get abused (and an attacker would only learn a
> single utxo of the receiver) .
>
Okay, I see what you mean. I better understand the weaknesses you've
identified, and I can't really think of a better solution than what you've
proposed. I also realized that implementors who aren't capable of
integrating signing and UTXO validation wouldn't be the ones trying to
implement this feature, so my concerns there are also moot. Carry on ;)
--0000000000001038d60580b32c9e
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">=
<div dir=3D"ltr" class=3D"gmail_attr">On Tue, Jan 29, 2019 at 6:46 PM <<=
a href=3D"mailto:rhavar@protonmail.com">rhavar@protonmail.com</a>> wrote=
:</div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;=
border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><br></div><di=
v>If the sender refuses to sign the final transaction, the receiver just pr=
opagates the template transaction which pays the receiver! So it's a pr=
etty weak attack.<br></div><div><br></div><div>The only real attack is that=
the sender could double-spend the template-transaction before it's pro=
pagated, but the cost of doing this isn't free, as at the very least yo=
u need to pay the transaction fees of creating a double spend. It's not=
an amazingly good defence, but it's good enough that it's unlikely=
to get abused (and an attacker would only learn a single utxo of the recei=
ver) .</div></blockquote><div><br></div><div>Okay, I see what you mean. I b=
etter understand the weaknesses you've identified, and I can't real=
ly think of a better solution than what you've proposed. I also realize=
d that implementors who aren't capable of integrating signing and UTXO =
validation wouldn't be the ones trying to implement this feature, so my=
concerns there are also moot. Carry on ;)</div></div></div>
--0000000000001038d60580b32c9e--
|