1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
Return-Path: <dp@simplexum.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id F0C42CC6
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 6 Aug 2019 21:36:21 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail.ruggedbytes.com (mail.ruggedbytes.com [88.99.30.248])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5CB1482D
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 6 Aug 2019 21:36:21 +0000 (UTC)
Received: from mail.ruggedbytes.com (localhost [127.0.0.1])
by mail.ruggedbytes.com (Postfix) with ESMTPS id B026D2600524;
Tue, 6 Aug 2019 21:36:19 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=simplexum.com;
s=mail; t=1565127379;
bh=g1DhMzvJzyP7b2qa2OwGH4LN2Ua5YunQgp1GXkZ5N34=;
h=Date:From:To:Cc:Subject:In-Reply-To:References;
b=YU4xPA6Bj8PmO3M+4bY0h2c5cWMUD7bBfukjpuIsnAxey46900eSttP79q/DqG72J
s08ccE8uL1YXiAXbulC8a03oug+zLDcFWC63Bd7VbiOqoQfWeoZYNzND/s5S1D4Jty
XCdqJcdxw/hN5ihiY3gIcxeqR12+9F/4/X6o25tM=
Date: Wed, 7 Aug 2019 02:37:42 +0500
From: Dmitry Petukhov <dp@simplexum.com>
To: Chris Belcher <belcher@riseup.net>
Message-ID: <20190807023742.73750ba3@simplexum.com>
In-Reply-To: <20190807015541.3d8aa849@simplexum.com>
References: <985792b1-e7aa-677b-a7a1-6a5f672da884@riseup.net>
<94534006-D560-4C90-9D5D-A3A64B698518@gmail.com>
<20190726143738.0be561da@simplexum.com>
<3c328312-2bdd-60d9-7425-8db620d09abb@riseup.net>
<20190731205018.10ed4302@simplexum.com>
<ae32dcbb-c950-3b3f-22b9-d152d6b221cb@riseup.net>
<20190802145057.7b81c597@simplexum.com>
<ad501873-8912-765e-8df5-c9b0451fcd0a@riseup.net>
<20190807015541.3d8aa849@simplexum.com>
Organization: simplexum.com
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Tue, 06 Aug 2019 21:41:05 +0000
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Improving JoinMarket's resistance to sybil
attacks using fidelity bonds
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Aug 2019 21:36:22 -0000
Unfortunately, both described schemes fail the same way as
'require TXOs to be consolidated by the owner', by the fact that with
muSig, shared ownership of TXO is possible, as explained by ZmnSCPxj in
[1]. 2P-ECDSA is also possible, just more complex, so just saying 'ban
musig for the bonds' is not the answer, I believe.
[1]
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017217.=
html
=D0=92 Wed, 7 Aug 2019 01:55:41 +0500
Dmitry Petukhov <dp@simplexum.com> wrote:
> =D0=92 Mon, 5 Aug 2019 20:04:26 +0100
> Chris Belcher <belcher@riseup.net> wrote:
>=20
> > So what's needed is a way to make renting out TXOs impossible or
> > very difficult. =20
>=20
> You can make renting the TXOs risky for the attacker. Make it so that
> the entity that rented out the TXO can revoke the participation of
> said TXO in the market, by publishing some special signature. That
> act of revocation can also mean revocation of all other TXOs that
> were used in a bond alongside it. This way, any entity that wants to
> spoil an attacker's consolidation via rent, can rent out its TXO to
> the attacker, and then revoke it, spoiling the whole package the
> attacker have consolidated.
>=20
> There may be other way to impose penalties.
>=20
> For example, all locked TXO may be required to be spendable by *any*
> key that controls any TXO in the 'bond TXO package'. I think this
> should be possible with taproot - you will have to publish a taproot
> trees for your locked TXOs (say, N of them), and the tree for each TXO
> will have N leaves, each leaf will specify a condition "spendable by
> the key N". This way, if I give you my TXO to include it in a bond by
> locking it, you also need to make your other TXOs in a bond spendable
> by me.
>=20
> For both scenarios to work for the attacker, there's need to be an
> off-chain contractual relationship between the parties. Otherwise the
> entity that rents out the TXOs can spoil or just confiscate the bond
> of the entity that rented them, without reprecussions.
|
