Date: Wed, 27 Mar 2024 12:54:54 +0000
From: Peter Todd
To: Antoine Riard
Cc: "David A. Harding", bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6

On Wed, Mar 27, 2024 at 06:27:47AM +0000, Antoine Riard wrote:
> Hi Dave,
>
> > Could you tell us more about the disclosure process you followed? I'm
> > surprised to see it disclosed without any apparent attempt at patching.
> > I'm especially concerned given your past history of publicly revealing
> > vulnerabilities before they could be quietly patched[1] and the conflict
> > of interest of you using this disclosure to advocate for a policy change
> > you are championing.
>
> In defense of Peter, I don't think there is a low-hanging fruit that could
> have been landed easily in Bitcoin Core. The most obvious ones could have
> been a) to reduce `MAX_STANDARD_TX_WEIGHT` or b) a new rule
> `max_replacement_bandwidth` or c) a new absolute-fee based penalty on
> bandwidth replacement cost.

To be clear, I _did_ disclose the issue on bitcoin-security and no-one had
any objections to disclosing it publicly.

> All hard to integrate in a covert fashion without attracting some attention
> from the community, which would certainly ask why we're changing the
> marginal bandwidth cost. Potentially, impacting unfavorably some use-cases.
>
> Certainly, Peter's report could have integrated a disclosure timeline at
> the example of CVE-2018-17144 [0], which I can recommend to anyone to
> follow doing security research or servicing as a security point of contact
> in our field.

Since this attack is just a relatively minor extension of existing, publicly
disclosed, attacks, I don't think there was any need for formal disclosure
timelines. It's interesting that the attack exists; it does not substantially
change the status quo. I don't believe the other attacks in this attack class
are even possible to fix. We just have to live with the fact that a degree of
free relay is always going to be possible.

> I don't see the conflict of interest in the present disclosure? It is
> public information that Peter is championing RBFR [1]. I'm not aware of any
> private interest unfavorably influencing Peter's behavior in the conduct of
> this security issue disclosure.

Well, there is a conflict of interest in trying to keep this issue under
wraps: Replace-By-Fee-Rate benefits from public discussion of the fact that
many different free-relay attacks are possible. The arguments against RBFR
mainly hinge on the idea that free-relay is preventable.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org