1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
Return-Path: <dave@dtrt.org>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 94164C002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Jan 2023 10:12:09 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp2.osuosl.org (Postfix) with ESMTP id 7C25B40A67
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Jan 2023 10:12:09 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 7C25B40A67
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id He1KnAFhyui8
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Jan 2023 10:12:09 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org EFC7C401B2
Received: from smtpauth.rollernet.us (smtpauth.rollernet.us [208.79.240.5])
by smtp2.osuosl.org (Postfix) with ESMTPS id EFC7C401B2
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 10 Jan 2023 10:12:08 +0000 (UTC)
Received: from smtpauth.rollernet.us (localhost [127.0.0.1])
by smtpauth.rollernet.us (Postfix) with ESMTP id D68512800049;
Tue, 10 Jan 2023 02:02:35 -0800 (PST)
Received: from webmail.rollernet.us (webmail.rollernet.us
[IPv6:2607:fe70:0:14::a])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(Client did not present a certificate)
by smtpauth.rollernet.us (Postfix) with ESMTPSA;
Tue, 10 Jan 2023 02:02:35 -0800 (PST)
MIME-Version: 1.0
Date: Tue, 10 Jan 2023 00:02:35 -1000
From: "David A. Harding" <dave@dtrt.org>
To: Peter Todd <pete@petertodd.org>
In-Reply-To: <Y70mNHsX4JcKYZyi@petertodd.org>
References: <Y7ySzDjzx5eDjOH9@petertodd.org>
<aaaeda2950e61127a3218c523927a0d8@dtrt.org> <Y70mNHsX4JcKYZyi@petertodd.org>
User-Agent: Roundcube Webmail/1.4.10
Message-ID: <6089e1f0140684435bf5e87b0c13d561@dtrt.org>
X-Sender: dave@dtrt.org
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit
X-Rollernet-Abuse: Contact abuse@rollernet.us to report. Abuse policy:
http://www.rollernet.us/policy
X-Rollernet-Submit: Submit ID 866.63bd37bb.7e10e.0
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Why Full-RBF Makes DoS Attacks on Multiparty
Protocols Significantly More Expensive
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2023 10:12:09 -0000
On 2023-01-09 22:47, Peter Todd wrote:
> How do you propose that the participants learn about the double-spend?
> Without
> knowing that it happened, they can't respond as you suggested.
I can think of various ways---many of them probably the same ideas that
would occur to you. More concise than listing them is to just assume
they exist and realize that any protocol software which wants to defeat
the $17.00 pinning attack needs to implement some sort of conflict
monitoring system---but by using that monitoring system to defeat the
$17.00 pinning attack, the software also defeats the $0.05 individual
conflicting input attack without any need for full-RBF.
Full-RBF provides no benefits here except those which are already
provided by other necessary tools.
Thanks,
-Dave
|
