1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <elombrozo@gmail.com>) id 1YPWnM-0006bs-RP
for bitcoin-development@lists.sourceforge.net;
Sun, 22 Feb 2015 13:42:04 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.176 as permitted sender)
client-ip=209.85.217.176; envelope-from=elombrozo@gmail.com;
helo=mail-lb0-f176.google.com;
Received: from mail-lb0-f176.google.com ([209.85.217.176])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1YPWnL-0004Nj-6h
for bitcoin-development@lists.sourceforge.net;
Sun, 22 Feb 2015 13:42:04 +0000
Received: by lbjb6 with SMTP id b6so13923879lbj.12
for <bitcoin-development@lists.sourceforge.net>;
Sun, 22 Feb 2015 05:41:56 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.152.246.41 with SMTP id xt9mr5805481lac.110.1424612516770;
Sun, 22 Feb 2015 05:41:56 -0800 (PST)
Received: by 10.112.201.67 with HTTP; Sun, 22 Feb 2015 05:41:56 -0800 (PST)
In-Reply-To: <CABr1YTefbYqqtx0fSm_GBASxE2Za9EGWOPM2A5X4PRxbVemyiw@mail.gmail.com>
References: <20150212064719.GA6563@savin.petertodd.org>
<CANEZrP2uVT_UqJbzyQcEbiS78T68Jj2cH7OGXv5QtYiCwArDdA@mail.gmail.com>
<CAJHLa0PkzG44JpuQoHVLUU8SR55LaJf5AwG=a7AjK2u7TAveOQ@mail.gmail.com>
<20150215212512.GR14804@nl.grid.coop> <54E11248.6090401@gmail.com>
<20150219085604.GT14804@nl.grid.coop>
<CABm2gDorEFNzzHH2bxpo6miv1H0RUhL9uAYX6gg2aW0wB1QDbw@mail.gmail.com>
<CAOG=w-uJFobZtkd8OoPnOJC3uqCOwjsqyfNWJTg3j3sJQn+wXQ@mail.gmail.com>
<CAJHLa0M4Tc7kiQVNmBfMBvSqFyrmHXdaNh7mF+crAdME5FUWHg@mail.gmail.com>
<CABm2gDpMagWHsBn1t_oLO2bESgD2NUpefYw-gePFaBCNmpXviQ@mail.gmail.com>
<CAJHLa0ObR32wg7TEJ2XHgZ=9=Z+yFsXjF3JCz+4d5mdp1=xu4Q@mail.gmail.com>
<CABr1YTcr9C4uoXFfTJ6BEGHaw1a3dV_J=SE=fZbbpZRdTtD8tw@mail.gmail.com>
<CABr1YTefbYqqtx0fSm_GBASxE2Za9EGWOPM2A5X4PRxbVemyiw@mail.gmail.com>
Date: Sun, 22 Feb 2015 05:41:56 -0800
Message-ID: <CABr1YTfZDSpyMLNi2pYORh01f_G3tL0rcw2Zo0m_P4-vjsJfmQ@mail.gmail.com>
From: Eric Lombrozo <elombrozo@gmail.com>
To: Jeff Garzik <jgarzik@bitpay.com>
Content-Type: multipart/alternative; boundary=001a1133b024013b4d050fad7355
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(elombrozo[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.9 FUZZY_AMBIEN BODY: Attempt to obfuscate words in spam
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YPWnL-0004Nj-6h
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] replace-by-fee v0.10.0rc4
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 22 Feb 2015 13:42:04 -0000
--001a1133b024013b4d050fad7355
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
In case it wasn't clear in my earlier post, there's of course a third
possibility - namely, some outputs are kept but not all. Here, it is
generally impossible to tell whether the motivation was fee replacement,
output replacement, or both. My proposal is to always treat these instances
as output replacement and punish the sender. The sender needs to make it
unambiguously clear it's only a fee replacement by creating a new
transaction that produces an output with the desired extra fee and then
adding an input that spends it to the original transaction.
- Eric Lombrozo
On Sunday, February 22, 2015, Eric Lombrozo <elombrozo@gmail.com> wrote:
> I should note that my proposal does require a change to the consensus
> rules...but getting bitcoin to scale will require this no matter what.
>
> - Eric Lombrozo
> On Feb 22, 2015 3:41 AM, "Eric Lombrozo" <elombrozo@gmail.com
> <javascript:_e(%7B%7D,'cvml','elombrozo@gmail.com');>> wrote:
>
>> It seems to me we're confusing two completely different motivations for
>> double-spending. One is the ability to replace a fee, the other is the
>> ability to replace outputs.
>>
>> If the double-spend were to merely add or remove inputs (but keep at
>> least one input in common, of course), it seems fairly safe to assume it=
's
>> the former, a genuine fee replacement. Even allowing for things like
>> coinjoin, none of the payees would really care either way.
>>
>> Conversely, if at least one of the inputs were kept but none of the
>> outputs were, we can be confident it's the the latter.
>>
>> It is possible to build a wallet that always does the former when doing
>> fee replacement by using another transaction to create an output with
>> exactly the additional desired fee.
>>
>> If we can clearly distinguish these two cases then the fee replacement
>> case can be handled by relaying both and letting miners pick one or the
>> other while the output replacement case could be handled by rewarding
>> everything to a miner (essentially all outputs are voided...made
>> unredeemable...and all inputs are added to coinbase) if the miner includ=
es
>> the two conflicting transactions in the same block.
>>
>> Wouldn't this essentially solve the problem?
>>
>> - Eric Lombrozo
>> On Feb 21, 2015 8:09 PM, "Jeff Garzik" <jgarzik@bitpay.com
>> <javascript:_e(%7B%7D,'cvml','jgarzik@bitpay.com');>> wrote:
>>
>>> On Sat, Feb 21, 2015 at 10:25 PM, Jorge Tim=C3=B3n <jtimon@jtimon.cc> w=
rote:
>>> > On Sat, Feb 21, 2015 at 11:47 PM, Jeff Garzik <jgarzik@bitpay.com
>>> <javascript:_e(%7B%7D,'cvml','jgarzik@bitpay.com');>> wrote:
>>> >> This isn't some theoretical exercise. Like it or not many use
>>> >> insecure 0-conf transactions for rapid payments. Deploying somethin=
g
>>> >> that makes 0-conf transactions unusable would have a wide, negative
>>> >> impact on present day bitcoin payments, thus "scorched earth"
>>>
>>> > And maybe by maintaining first seen policies we're harming the system
>>> > in the long term by encouraging people to widely deploy systems based
>>> > on extremely weak assumptions.
>>>
>>> Lacking a coded, reviewed alternative, that's only a platitude.
>>> Widely used 0-conf payments are where we're at today. Simply ceasing
>>> the "maintaining [of] first seen policies" alone is simply not a
>>> realistic option. The negative impact to today's userbase would be
>>> huge.
>>>
>>> Instant payments need a security upgrade, yes.
>>>
>>> --
>>> Jeff Garzik
>>> Bitcoin core developer and open source evangelist
>>> BitPay, Inc. https://bitpay.com/
>>>
>>>
>>> -----------------------------------------------------------------------=
-------
>>> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>>> from Actuate! Instantly Supercharge Your Business Reports and Dashboard=
s
>>> with Interactivity, Sharing, Native Excel Exports, App Integration & mo=
re
>>> Get technology previously reserved for billion-dollar corporations, FRE=
E
>>>
>>> http://pubads.g.doubleclick.net/gampad/clk?id=3D190641631&iu=3D/4140/os=
tg.clktrk
>>> _______________________________________________
>>> Bitcoin-development mailing list
>>> Bitcoin-development@lists.sourceforge.net
>>> <javascript:_e(%7B%7D,'cvml','Bitcoin-development@lists.sourceforge.net=
');>
>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>>
>>
--001a1133b024013b4d050fad7355
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<br><p dir=3D"ltr" style=3D"font-family:sans-serif;font-size:15.65217399597=
17px">In case it wasn't clear in my earlier post, there's of course=
a third possibility - namely, some outputs are kept but not all. Here, it =
is generally impossible to tell whether the motivation was fee replacement,=
output replacement, or both. My proposal is to always treat these instance=
s as output replacement and punish the sender. The sender needs to make it =
unambiguously clear it's only a fee replacement by creating a new trans=
action that produces an output with the desired extra fee and then adding a=
n input that spends it to the original transaction.</p><span style=3D"font-=
family:sans-serif;font-size:15.6521739959717px">- Eric Lombrozo</span><div>=
<br></div><div>On Sunday, February 22, 2015, Eric Lombrozo <<a href=3D"m=
ailto:elombrozo@gmail.com">elombrozo@gmail.com</a>> wrote:<br><blockquot=
e class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc sol=
id;padding-left:1ex"><p dir=3D"ltr">I should note that my proposal does req=
uire a change to the consensus rules...but getting bitcoin to scale will re=
quire this no matter what.</p>
<p dir=3D"ltr">- Eric Lombrozo</p>
<div class=3D"gmail_quote">On Feb 22, 2015 3:41 AM, "Eric Lombrozo&quo=
t; <<a href=3D"javascript:_e(%7B%7D,'cvml','elombrozo@gmail.=
com');" target=3D"_blank">elombrozo@gmail.com</a>> wrote:<br type=3D=
"attribution"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;=
border-left:1px #ccc solid;padding-left:1ex"><p dir=3D"ltr">It seems to me =
we're confusing two completely different motivations for double-spendin=
g. One is the ability to replace a fee, the other is the ability to replace=
outputs.</p>
<p dir=3D"ltr">If the double-spend were to merely add or remove inputs (but=
keep at least one input in common, of course), it seems fairly safe to ass=
ume it's the former, a genuine fee replacement. Even allowing for thing=
s like coinjoin, none of the payees would really care either way.</p>
<p dir=3D"ltr">Conversely, if at least one of the inputs were kept but none=
of the outputs were, we can be confident it's the the latter.</p>
<p dir=3D"ltr">It is possible to build a wallet that always does the former=
when doing fee replacement by using another transaction to create an outpu=
t with exactly the additional desired fee.</p>
<p dir=3D"ltr">If we can clearly distinguish these two cases then the fee r=
eplacement case can be handled by relaying both and letting miners pick one=
or the other while the output replacement case could be handled by rewardi=
ng everything to a miner (essentially all outputs are voided...made unredee=
mable...and all inputs are added to coinbase) if the miner includes the two=
conflicting transactions in the same block.</p>
<p dir=3D"ltr">Wouldn't this essentially solve the problem?</p>
<p dir=3D"ltr">- Eric Lombrozo</p>
<div class=3D"gmail_quote">On Feb 21, 2015 8:09 PM, "Jeff Garzik"=
<<a href=3D"javascript:_e(%7B%7D,'cvml','jgarzik@bitpay.com=
');" target=3D"_blank">jgarzik@bitpay.com</a>> wrote:<br type=3D"att=
ribution"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;bord=
er-left:1px #ccc solid;padding-left:1ex">On Sat, Feb 21, 2015 at 10:25 PM, =
Jorge Tim=C3=B3n <jtimon@jtimon.cc> wrote:<br>
> On Sat, Feb 21, 2015 at 11:47 PM, Jeff Garzik <<a href=3D"javascrip=
t:_e(%7B%7D,'cvml','jgarzik@bitpay.com');" target=3D"_blank=
">jgarzik@bitpay.com</a>> wrote:<br>
>> This isn't some theoretical exercise.=C2=A0 Like it or not man=
y use<br>
>> insecure 0-conf transactions for rapid payments.=C2=A0 Deploying s=
omething<br>
>> that makes 0-conf transactions unusable would have a wide, negativ=
e<br>
>> impact on present day bitcoin payments, thus "scorched earth&=
quot;<br>
<br>
> And maybe by maintaining first seen policies we're harming the sys=
tem<br>
> in the long term by encouraging people to widely deploy systems based<=
br>
> on extremely weak assumptions.<br>
<br>
Lacking a coded, reviewed alternative, that's only a platitude.<br>
Widely used 0-conf payments are where we're at today.=C2=A0 Simply ceas=
ing<br>
the "maintaining [of] first seen policies" alone is simply not a<=
br>
realistic option.=C2=A0 The negative impact to today's userbase would b=
e<br>
huge.<br>
<br>
Instant payments need a security upgrade, yes.<br>
<br>
--<br>
Jeff Garzik<br>
Bitcoin core developer and open source evangelist<br>
BitPay, Inc.=C2=A0 =C2=A0 =C2=A0 <a href=3D"https://bitpay.com/" target=3D"=
_blank">https://bitpay.com/</a><br>
<br>
---------------------------------------------------------------------------=
---<br>
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server<br>
from Actuate! Instantly Supercharge Your Business Reports and Dashboards<br=
>
with Interactivity, Sharing, Native Excel Exports, App Integration & mo=
re<br>
Get technology previously reserved for billion-dollar corporations, FREE<br=
>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D190641631&iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D190641631&iu=3D/4140/ostg.clktrk</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"javascript:_e(%7B%7D,'cvml','Bitcoin-development@lis=
ts.sourceforge.net');" target=3D"_blank">Bitcoin-development@lists.sour=
ceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</blockquote></div>
</blockquote></div>
</blockquote></div>
--001a1133b024013b4d050fad7355--
|
