Delivery-date: Wed, 27 Mar 2024 05:58:31 -0700
Received: from mail-qv1-f55.google.com ([209.85.219.55])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBDRYHVHZTUGRB35PSCYAMGQEZAGRSDI@googlegroups.com>)
	id 1rpSrP-0000h2-BN
	for bitcoindev@gnusha.org; Wed, 27 Mar 2024 05:58:31 -0700
Received: by mail-qv1-f55.google.com with SMTP id 6a1803df08f44-6968eb2becasf30756036d6.2
        for <bitcoindev@gnusha.org>; Wed, 27 Mar 2024 05:58:31 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1711544305; cv=pass;
        d=google.com; s=arc-20160816;
        b=yhbZGYCdw+3z51FGiKcXz85fs632t5pZG8MNdE9ahE9tPlo/NO8Vhp3HDe7cq5lbz2
         4XJegZOYV5gPCGyFzJZG594WCeRPfpLkVn3mVD719CTvqfP3/5WoUnkdtQ/enxiPeHuE
         tD+7CIRLdp5GMS+9mS8taOqmE4I4T94gRS0k6evRwkJZk5VM1bDD0UbJr/dxt+chRy4e
         +5h/9pLrFh2tyZAIgdXmHc0gvo7TdOtwI2fWpYpScAOlS6l002CGspvbpqKMAoBZ6MAT
         jYJ/FJO1LIQpuUgEmGR4HJ/i1FQxm2ze1Dyw6Y7GZg56znU7eQRu0OUUJO9KJXnA2pYP
         rZTQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :feedback-id:sender:dkim-signature;
        bh=xy5dP9oV/2/CaEgd+rONTG1Jg4N20QsCUzgnHfsu1iA=;
        fh=fh6BhhyBqYNMHUS/OqdSzKU/RPEcoOMLqPmOjwuHPtU=;
        b=jB9uS6s5Id4xKIG0TEXHNiS6HtonPhuiq2JgAqw9NEZZflz0KN1hPH2x16Sa0A5yXk
         PAAKUKlQAt3SHwSOG8IGeVZFgNMTldpGkXdSFJdLslem5lwgtr7AAzZewBMp0oq4V/bG
         lnzAMqoZ1l4FK5IMynxgu08xOVjUNH1w/wgi/K41xC1oq/F/LrIfVLjp2ayYJ77wJR9l
         AwN/P60XMJGk12jT9w+QMmoMXrrk3LzsGoovm54fpEN9dkuMGTTbzurYn/fzlh+0FtVN
         QXTq4/n+IwbktLD6d4FAYVefaDFSm+U0HCTIbol7Mr2lgsl8ZOtZ5LAEIlU8UsfVnoeu
         NPEQ==;
        darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=I7uY7voP;
       spf=pass (google.com: domain of pete@petertodd.org designates 64.147.123.152 as permitted sender) smtp.mailfrom=pete@petertodd.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1711544305; x=1712149105; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:feedback-id:sender
         :from:to:cc:subject:date:message-id:reply-to;
        bh=xy5dP9oV/2/CaEgd+rONTG1Jg4N20QsCUzgnHfsu1iA=;
        b=nwIOA2ZcKxkDZdl6hH1T15+qkFvAuVh42hk/PCXEaSKQmv5zraHG4mwZD5vJrh4Rd3
         Vgcu5Ifsp2YNKZ2cGvvw7ttlBQZo8h4CbbUwyZfbYGjyjc75HGyCSEl6dI0SwvDayPsZ
         ZqG7JXhmAgLQaLQyPmGbwIuLewdd/GqFpPp2TpcCf3ruxQnxnEMXSj2GXeLsb2GRxC9W
         Eqsp6e6uWiIxN5G2DP+vNlagO+rcEkJq/v62Z6azCkpSR5FNQUPD77PwrdrRyjRADiAF
         O74nsiUePHOnVeylv80UKudvpW7p3ROCdlCiAbctSUe4zpIdNoX5qz7iY2dP0q8KAlVg
         hMog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1711544305; x=1712149105;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:feedback-id
         :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=xy5dP9oV/2/CaEgd+rONTG1Jg4N20QsCUzgnHfsu1iA=;
        b=FJG38vOdDBzZQOkJcRweex5biB4hcpon5YOW1cSqq9C9bBgTxAP2V0sLQQ0QyMESpv
         5ZHajOh59rf+Qj+VDsMEDg7co0OPZKXzIlDI2mxLYeBFiyDRAPFtpysgAtX3uciJJXkV
         JG+eMP6gumeiBlbyCtgarRQhK4Pxoksy+82Njnuwqwg7Oc1/6vnU25wzE5RutXEEyzO9
         IlqhtZ965LpHCrtgkZaNPszW1qjt9HlTQV6LNCjElfv2thHxClnGGktHlJ0knPPb/+5O
         MZOBlRYP2r1gAeHlaHmAmdQhmdFxH/bntfVl45dSv0BiBliIeDepFNuSt2OTqzGN6Qos
         ZL9g==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCXTBmvoHX8HmJ9CVI4pkUmwMlwcPaIf2cDovsCYqo5h/o7fUZT8knXqFgb+gs2NA418fEOdaruvT+5mzH3oPn4dTCAwfEc=
X-Gm-Message-State: AOJu0Ywh2FUtAM4W6S4iDcsSTfjoeWCQcadhkET9JhA30pHsRuQ1QjUv
	quyXUnccOtAXvASq4Wrbvui1fyIDdR7kC1PIwxRrozWrbb2Uj2j7
X-Google-Smtp-Source: AGHT+IHWqXcQoH5ovGWKBdziexogF2UYMaeSigoIM1QKlFq86jvuAMGCOVP7kW5mCMXXHeQSYHIZdA==
X-Received: by 2002:a05:6214:29c6:b0:696:46a9:cb68 with SMTP id gh6-20020a05621429c600b0069646a9cb68mr1037634qvb.14.1711544304409;
        Wed, 27 Mar 2024 05:58:24 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a05:6214:252d:b0:690:db56:6d5e with SMTP id
 gg13-20020a056214252d00b00690db566d5els681772qvb.1.-pod-prod-00-us; Wed, 27
 Mar 2024 05:58:23 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCUAKG7hc0C4IEWYVYI7/bgLwaoJwAAJo+6p9sSf4l67wblX525zFBEXyNfNsa4KefZdLjkE56L4UpR38EjtVTnDp8MGx4YBezknoHk=
X-Received: by 2002:a05:6214:41a0:b0:696:7622:8238 with SMTP id ld32-20020a05621441a000b0069676228238mr79301qvb.4.1711544303609;
        Wed, 27 Mar 2024 05:58:23 -0700 (PDT)
Received: by 2002:a05:620a:2910:b0:78a:4068:6a01 with SMTP id af79cd13be357-78a60ac0e9fms85a;
        Wed, 27 Mar 2024 05:55:00 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCWI0M8IhYQuC1B9y6XwOYI5pUHluyrrc10+E0Wwhy/h28Cpd6DxrH8BLxESqAH7zlGb7FakW9jYQRuoB1WT8vQkTWGCTMgjN2dYrLE=
X-Received: by 2002:a05:620a:8222:b0:78a:3827:e3e4 with SMTP id ow34-20020a05620a822200b0078a3827e3e4mr1083129qkn.64.1711544099463;
        Wed, 27 Mar 2024 05:54:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1711544099; cv=none;
        d=google.com; s=arc-20160816;
        b=f6196ThyrSOcLi1XiC6jmCAQ9PQrhUdAmg4iRm3rxawdQWxtCinW0IBaJnp1SCGW07
         4nN5qMsDZL9jNoyJ9NrUxG5kWz1mZuCCKGAsYI19pTFtM+EtmkLxuJ4POCKcove7TfN2
         hW4DwbMwvgM56S/aYxU0aclVP2MnJOx0CRBfJunmcb6keyoEedi7LUYATfnNf1Pmz6of
         hQZFZqOekyHGlccEiatGyp8+i8+uIO3rR5dLDuzn3ES/HhvezwoiNQ9rxf9pll5/4lqt
         F9TpkOL2i9xXC260vV7iTDUZUJ3MuPFdPlRNjHUt9dH0gmN52DE+9lzieTHsFnJj7UM3
         Riaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:feedback-id:dkim-signature;
        bh=vMr0zqUhNYdluiv02yz7J14NlmS6c85wIlr2wbktJtY=;
        fh=lM3HBVX9/5oP/Cls58FdVbH4FsScOA6ZOgC8y+I6qyI=;
        b=qI30a2Y4r6TzjjtLXdcv133qUZ/1h3M9uoCx9V2SE5AdLR4U3Luf5VyHlU3OvGMhAy
         YJdvugJmxs95819KdItSSZAaijDb47R3AFI/xf3eJT4dBRnsu06HLB0hBr5n2jMGkXBi
         C8eTHZ438cc7jG/Kkl6g0+GaAEMcSr4RdV8Te8TqaPhUWFxLzYfgqhWMe4NBUKp4KaAL
         W7dZBUDjuXylp0fAe+7qMypUev73FZgnb/INl0kXJ+HSI7v/gBeffTMOlKkc3zffVIuE
         bjDJaUpb4KN2vq/E0b9HxUeq39RCj3hgL6KAkJEEdjowelPygR/pg5EOJRHP3nX9beKX
         ojMw==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=I7uY7voP;
       spf=pass (google.com: domain of pete@petertodd.org designates 64.147.123.152 as permitted sender) smtp.mailfrom=pete@petertodd.org
Received: from wfhigh1-smtp.messagingengine.com (wfhigh1-smtp.messagingengine.com. [64.147.123.152])
        by gmr-mx.google.com with ESMTPS id ow47-20020a05620a822f00b00789d43b16b3si678697qkn.6.2024.03.27.05.54.59
        for <bitcoindev@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 27 Mar 2024 05:54:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of pete@petertodd.org designates 64.147.123.152 as permitted sender) client-ip=64.147.123.152;
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
	by mailfhigh.west.internal (Postfix) with ESMTP id DB84C18000DF;
	Wed, 27 Mar 2024 08:54:57 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
  by compute4.internal (MEProxy); Wed, 27 Mar 2024 08:54:58 -0400
X-ME-Sender: <xms:IBcEZh54Oxg9Y1F6gZmwPnIhv3sd4R3ew-vE2hZ0ZMYTurGq4EeouQ>
    <xme:IBcEZu4028bZI-fXpRdrKb_ajrRIOtXmgmkJJzrvXs4m1TwonZQRrBSllQggWQ1zS
    4bp_bf0YX-xVDcdhRY>
X-ME-Received: <xmr:IBcEZoe1q8NhsgLaVp0HIAKiBge0OPpFlV4l7tUaY6hU4hvExzeUak8yRw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrudduiedgvdduucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
    cujfgurhepfffhvfevuffkfhggtggujgesghdtroertddtvdenucfhrhhomheprfgvthgv
    rhcuvfhougguuceophgvthgvsehpvghtvghrthhouggurdhorhhgqeenucggtffrrghtth
    gvrhhnpedutdffleekiedtfefgteefjefhffeiffevleegtdfhueeffeejveeljeekfefh
    ieenucffohhmrghinhepphgvthgvrhhtohguugdrohhrghenucevlhhushhtvghrufhiii
    gvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvghtvgesphgvthgvrhhtohguugdr
    ohhrgh
X-ME-Proxy: <xmx:IRcEZqIAi0T3x7OR-jMNiuQ_vFDXe34cCPF_eCrif4Vq1VPkXyq9GQ>
    <xmx:IRcEZlKVXF9c6tkLd-e0fCMlBphm7P1V4cYCheBFYgSPsY1RPFXNXA>
    <xmx:IRcEZjzcEQ36AxpLL0xInhkxZlpQd52qMfLG5PvvY5kycHfraTA8kg>
    <xmx:IRcEZhI_Zh73ncRvXgqakHMZMp1_2KhMdeUESXejxmUFLmlBMtQ0Qw>
    <xmx:IRcEZqrWU2JIAeYCWLleclaeB9NF1x3mmRQtkmqg4Bncmq_7xhRFDh61hjE>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed,
 27 Mar 2024 08:54:56 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
	id B2C6F5F834; Wed, 27 Mar 2024 12:54:54 +0000 (UTC)
Date: Wed, 27 Mar 2024 12:54:54 +0000
From: Peter Todd <pete@petertodd.org>
To: Antoine Riard <antoine.riard@gmail.com>
Cc: "David A. Harding" <dave@dtrt.org>, bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6
Message-ID: <ZgQXHpraCWeEyDKe@petertodd.org>
References: <Zfg/6IZyA/iInyMx@petertodd.org>
 <012f89763cc336cd91eec13dccefc921@dtrt.org>
 <CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="UljpBEO4e1Hy/v0+"
Content-Disposition: inline
In-Reply-To: <CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com>
X-Original-Sender: pete@petertodd.org
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@messagingengine.com header.s=fm2 header.b=I7uY7voP;       spf=pass
 (google.com: domain of pete@petertodd.org designates 64.147.123.152 as
 permitted sender) smtp.mailfrom=pete@petertodd.org
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)


--UljpBEO4e1Hy/v0+
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline

On Wed, Mar 27, 2024 at 06:27:47AM +0000, Antoine Riard wrote:
> Hi Dave,
> 
> > Could you tell us more about the disclosure process you followed?  I'm
> > surprised to see it disclosed without any apparent attempt at patching.
> > I'm especially concerned given your past history of publicly revealing
> > vulnerabilities before they could be quietly patched[1] and the conflict
> > of interest of you using this disclosure to advocate for a policy change
> > you are championing.
> 
> In defense of Peter, I don't think there is a low-hanging fruit that could
> have
> been landed easily in Bitcoin Core. The most obvious ones could have been
> a) to reduce `MAX_STANDARD_TX_WEIGHT` or b) a new rule
> `max_replacement_bandwidth`
> or c) a new absolute-fee based penalty on bandwidth replacement cost.

To be clear, I _did_ disclose the issue on bitcoin-security and no-one had any
objections to disclosing it publicly.

> All hard to integrate in a covert fashion without attracting some attention
> from the
> community, which would certainly ask why we're changing the marginal
> bandwidth cost.
> Potentially, impacting unfavorably some use-cases.
> 
> Certainly, Peter's report could have integrated a disclosure timeline at the
> example of CVE-2018-17144 [0], which I can recommend to anyone to follow
> doing
> security research or servicing as a security point of contact in our field.

Since this attack is just a relatively minor extension of existing, publicly
disclosed, attacks, I don't think there was any need for formal disclosure
timelines. It's interesting that the attack exists; it does not substantially
change the status quo.

I don't believe the other attacks in this attack class are even possible to
fix. We just have to live with the fact that a degree of free relay is always
going to be possible.

> I don't see the conflict of interest in the present disclosure ? It is
> public information
> that Peter is championing RBFR [1].  I'm not aware of any private interest
> unfavorably
> influencing Peter's behavior in the conduct of this security issue
> disclosure.

Well, there is a conflict of interest in trying to keep this issue under wraps:
Replace-By-Fee-Rate benefits from public discussion of the fact that many
different free-relay attacks are possible. The arguments against RBFR mainly
hinge on the idea that free-relay is preventable.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/ZgQXHpraCWeEyDKe%40petertodd.org.

--UljpBEO4e1Hy/v0+
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmYEFx0ACgkQLly11TVR
LzeG/xAAvH2bVpyiRYEoEei4Jx6avGNmz/RNmoCHHwuKA5buo6a+D6mO6UeEfDDL
hdHDEt0GCgQFfFnI3re6dN2cqDx3bFmV5K3dloVI6TWNwjM3haqCEcAFZj8ks1qb
Aq0i6O728719vALKnilgIHQ5X6N5/dgaR5CKKBiSW0kh5MU5A+dSsIflCH8lrSkO
0996S2W1a9eaU64TJXAAlIR1FylXBm9HSHxaXPvYQ1cspbFXtDfUB1OAZ5I7NGPD
8gf6SGWARo6sXpjlNIAPkR7sAXCAawvwzB/wWnI1bH6JVv5KpAotdwtxm/AWknov
TJ0GFspVfEul8igny83OPi3reTREnhfFDIFmqnVTwcCqOfbOjZeF8TpRhexhJc//
ZZ2tpVwHMex1LEKHJ1S0VnMV+ns/cgHFvSPMF2gBmKdHWsty2xRLJtJun5X7ETec
GxH2ZL5UoYPmjkeyePOnScO0QxHbi28i9MJFrYiNmh3voCUOxIWvtQk16EcUwC9t
KyGK6G2p97yXi5c6RaSCOiCiqZhVr46RA0ez+Bt5YLH9+HCyiHMnhQn9NVdAcS9E
aZBTM27Dy/xpC7gmMiIXK3sTh3QobXMW3mQdlgGUqQeu23vtkARhA4ZQgFwfKn4a
oSFIaaakUvFziS4ZJSElhjt/6RFD8nY33SPrC4SohQVY2Ed+6lA=
=eH9y
-----END PGP SIGNATURE-----

--UljpBEO4e1Hy/v0+--