MIME-Version: 1.0
References: <CALZpt+E6UqB5cew145PO2qiEMsELJ-TuGyE5PBL04T1tESiOiQ@mail.gmail.com>
In-Reply-To: <CALZpt+E6UqB5cew145PO2qiEMsELJ-TuGyE5PBL04T1tESiOiQ@mail.gmail.com>
From: Jeremy <jlrubin@mit.edu>
Date: Thu, 11 Feb 2021 10:29:35 -0800
Message-ID: <CAD5xwhjGsB38otK5+H30XcnFnUdP+D29_k5=p2ZBgXzvdRRggw@mail.gmail.com>
To: Antoine Riard <antoine.riard@gmail.com>,
 Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="0000000000004bac3d05bb13b4b8"
Subject: Re: [bitcoin-dev] Proposal to stop processing of unrequested
 transactions in Bitcoin Core
Precedence: list

--0000000000004bac3d05bb13b4b8
Content-Type: text/plain; charset="UTF-8"

I'm not sure of the existing behavior is of when we issue a getdata
request, but noting that there could be a privacy implication of this sort
of change. Could you (or someone else) expand on why this is not a concern
here?
--
@JeremyRubin <https://twitter.com/JeremyRubin>
<https://twitter.com/JeremyRubin>


On Wed, Feb 10, 2021 at 6:29 AM Antoine Riard via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> Hi,
>
> I'm proposing to stop the processing of unrequested transactions in
> Bitcoin Core 22.0+ at TX message reception. An unrequested transaction is
> one defined by which a "getdata" message for its specific identifier
> (either txid or wtxid) has not been previously issued by the node [0].
>
> This change is motivated by reducing the CPU DoS surface of Bitcoin Core
> around mempool acceptance. Currently, an attacker can open multiple inbound
> connections to a node and send expensive to validate, junk transactions.
> Once the canonical INV/GETDATA sequence is enforced on the network, a
> further protection would be to deprioritize bandwidth and validation
> resources allocation, or even to wither connections with such DoSy peers. A
> permissioned peer (PF_RELAY) will still be able to bypass such restrictions.
>
> Raw TX message processing has always been tolerated by Core and as such
> some Bitcoin clients aren't bothering with an INV/GETDATA sequence. Such
> change will break their tx-relay capabilities on the p2p network and
> require adaptation from them. Given deployment time of any release, I hope
> it provides a window time wide enough before the old tx-processing behavior
> becomes the minority.
>
> Eager to gather feedback on this proposal, especially if such change is
> deemed as too much constraining or fast on any Bitcoin software.
>
> Cheers,
> Antoine
>
> [0] See https://github.com/bitcoin/bitcoin/pull/20277
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

--0000000000004bac3d05bb13b4b8
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,he=
lvetica,sans-serif;font-size:small;color:#000000">I&#39;m not sure of the e=
xisting behavior is of when we issue a getdata request, but noting that the=
re could be a privacy implication of this sort of change. Could you (or som=
eone else) expand on why this is not a concern here?</div><div><div dir=3D"=
ltr" class=3D"gmail_signature" data-smartmail=3D"gmail_signature"><div dir=
=3D"ltr">--<br><a href=3D"https://twitter.com/JeremyRubin" target=3D"_blank=
">@JeremyRubin</a><a href=3D"https://twitter.com/JeremyRubin" target=3D"_bl=
ank"></a></div></div></div><br></div><br><div class=3D"gmail_quote"><div di=
r=3D"ltr" class=3D"gmail_attr">On Wed, Feb 10, 2021 at 6:29 AM Antoine Riar=
d via bitcoin-dev &lt;<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.o=
rg">bitcoin-dev@lists.linuxfoundation.org</a>&gt; wrote:<br></div><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px =
solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div>Hi,<br><br>I=
&#39;m proposing to stop the processing of unrequested transactions in Bitc=
oin Core 22.0+ at TX message reception. An unrequested transaction is one d=
efined by which a &quot;getdata&quot; message for its specific identifier (=
either txid or wtxid) has not been previously issued by the node [0].<br><b=
r>This change is motivated by reducing the CPU DoS surface of Bitcoin Core =
around mempool acceptance. Currently, an attacker can open multiple inbound=
 connections to a node and send expensive to validate, junk transactions. O=
nce the canonical INV/GETDATA sequence is enforced on the network, a furthe=
r protection would be to deprioritize bandwidth and validation resources al=
location, or even to wither connections with such DoSy peers. A permissione=
d peer (PF_RELAY) will still be able to bypass such restrictions.<br><br>Ra=
w TX message processing has always been tolerated by Core and as such some =
Bitcoin clients aren&#39;t bothering with an INV/GETDATA sequence. Such cha=
nge will break their tx-relay capabilities on the p2p network and require a=
daptation from them. Given deployment time of any release, I hope it provid=
es a window time wide enough before the old tx-processing behavior becomes =
the minority.<br><br>Eager to gather feedback on this proposal, especially =
if such change is deemed as too much constraining or fast on any Bitcoin so=
ftware.<br><br>Cheers,<br>Antoine<br><br>[0] See <a href=3D"https://github.=
com/bitcoin/bitcoin/pull/20277" target=3D"_blank">https://github.com/bitcoi=
n/bitcoin/pull/20277</a><br></div></div>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
man/listinfo/bitcoin-dev</a><br>
</blockquote></div>

--0000000000004bac3d05bb13b4b8--