1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
Return-Path: <rusty@ozlabs.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 21A5DD24
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 May 2018 02:49:14 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from ozlabs.org (ozlabs.org [203.11.71.1])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4900914B
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 May 2018 02:49:13 +0000 (UTC)
Received: by ozlabs.org (Postfix, from userid 1011)
id 40wZmk549Fz9s0q; Wed, 30 May 2018 12:49:10 +1000 (AEST)
From: Rusty Russell <rusty@rustcorp.com.au>
To: Peter Todd <pete@petertodd.org>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
In-Reply-To: <20180521035658.vfo4wx6ifum2s2o5@petertodd.org>
References: <87po25lmzs.fsf@rustcorp.com.au>
<201805100227.42217.luke@dashjr.org>
<87vabnq9ui.fsf@rustcorp.com.au>
<CADZtCShwOV+GuJ5__GMi9hd2_X=BztASPBihDXakU3Mjb39wcQ@mail.gmail.com>
<87zi0tisft.fsf@rustcorp.com.au>
<20180521035658.vfo4wx6ifum2s2o5@petertodd.org>
Date: Wed, 30 May 2018 12:17:20 +0930
Message-ID: <87muwhvozr.fsf@rustcorp.com.au>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Matt Corallo <matt@chaincode.com>
Subject: Re: [bitcoin-dev] Making OP_TRUE standard?
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 30 May 2018 02:49:14 -0000
Peter Todd <pete@petertodd.org> writes:
> On Mon, May 21, 2018 at 01:14:06PM +0930, Rusty Russell via bitcoin-dev wrote:
>> Jim Posen <jim.posen@gmail.com> writes:
>> > I believe OP_CSV with a relative locktime of 0 could be used to enforce RBF
>> > on the spending tx?
>>
>> Marco points out that if the parent is RBF, this child inherits it, so
>> we're actually good here.
>>
>> However, Matt Corallo points out that you can block RBF will a
>> large-but-lowball tx, as BIP 125 points out:
>>
>> will be replaced by a new transaction...:
>>
>> 3. The replacement transaction pays an absolute fee of at least the sum
>> paid by the original transactions.
>>
>> I understand implementing a single mempool requires these kind of
>> up-front decisions on which tx is "better", but I wonder about the
>> consequences of dropping this heuristic? Peter?
>
> We've discussed this before: that rule prevents bandwidth usage DoS attacks on
> the mempool; it's not a "heuristic". If you drop it, an attacker can repeatedly
> broadcast and replace a series of transactions to use up tx relay bandwidth for
> significantly lower cost than otherwise.
>
> Though these days with relatively high minimum fees that may not matter.
AFAICT the optimal DoS is where:
1. Attacker sends a 100,000 vbyte tx @1sat/vbyte.
2. Replaces it with a 108 vbyte tx @2sat/vbyte which spends one of
those inputs.
3. Replaces that spent input in the 100k tx and does it again.
It takes 3.5 seconds to propagate to 50% of network[1] (probably much worse
given 100k txs), so they can only do this about 86 times per block.
That means they send 86 * (100000 + 108) = 8609288 vbytes for a cost of
86 * 2 * 108 + 100000 / 2 = 68576 satoshi (assuming 50% chance 100k tx
gets mined).
That's a 125x cost over just sending 1sat/vbyte txs under optimal
conditions[2], but it doesn't really reach most low-bandwidth nodes
anyway.
Given that this rule is against miner incentives (assuming mempool is
full), and makes things more complex than they need to be, I think
there's a strong argument for its removal.
Cheers,
Rusty.
[1] http://bitcoinstats.com/network/propagation/
[2] Bandwidth overhead for just sending a 108-vbyte tx is about 160
bytes, so our actual bandwidth per satoshi is closer to 60x
even under optimal conditions.
|
