MIME-Version: 1.0
References: <CACkWPs_F94t9Q8TfyYYGxQANUT78SWFGkTOh6qRwnt=6ct7aig@mail.gmail.com>
 <CAAQdECAspoRJRz7j1ubAe=Cen==AVF5bm-Q2=0TiKc7NtbU65A@mail.gmail.com>
 <CACkWPs_4pjTo50=S86KPEznBs0PU7rd30rBGHq2Q5=6n6hYMgQ@mail.gmail.com>
 <CAHTn92wH17Z+p5cFOLpzsVUuTf4-nZc7tOjQr+_xjSU5groa0Q@mail.gmail.com>
 <CACkWPs9VawCYt7maiNqzafkFnHTiGJQkXMT4VXQQcG-rE2TTNw@mail.gmail.com>
 <Y5jxmItJIpIUVY+x@petertodd.org>
In-Reply-To: <Y5jxmItJIpIUVY+x@petertodd.org>
From: Daniel Lipshitz <daniel@gap600.com>
Date: Tue, 13 Dec 2022 23:58:31 +0200
Message-ID: <CACkWPs_jSLDg3seON0uu=ri6iR9cytXo2MEPJ5PVeap+iDreeQ@mail.gmail.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary="0000000000002447d005efbcb937"
Cc: bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>,
 John Carvalho <john@synonym.to>
Subject: Re: [bitcoin-dev] A proposal for Full RBF to not exclude Zero Conf
 use case
Precedence: list

--0000000000002447d005efbcb937
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, 13 Dec 2022 at 23:41 Peter Todd <pete@petertodd.org> wrote:

> On Tue, Dec 13, 2022 at 01:33:00PM +0200, Daniel Lipshitz wrote:
> > I dont think there was anything technical with the implementation and a=
s
> > far as I can tell this is well developed and ready.
>
> There are lots of problems with my first-seen-safe proposal. The only
> reason I
> proposed it in 2015 was as a political compromise.
>
> > The reasons I can find for not being adopted are listed here -
> > https://bitcoincore.org/en/faq/optin_rbf/ under - Why not
> First-seen-safe
> > Replace-by-fee
> >
> >  Those reasons do not seem pertinent here - given OptinRBF already exis=
ts
> > as an option and the added benefit of continuing to be able to support
> > 0-conf.
>
> First-seen-safe is incompatible with the #1 reason why mempoolfullrbf was
> merged into Bitcoin Core: multi-party transactions.
>
> With multi-party transactions such as coinjoins and multi-party lightning
> channels, we want full-rbf behavior because it avoids accidental
> double-spends
> holding up progress in these protocols.

what is meant by accidental double spends ? And do you have any data as to
how often these occur and would cause harm?

Second, for intentional DoS attacks, it
> makes those attacks much more expensive by forcing the attacker to use
> tx-pinning.

how are these Dos attacks mitigated today if Full RBF is not in place ?

>
>
> Nothing less than full-rbf without restritions on outputs works for this
> use-case. The only compromise possible is Antoine Riard's spent-nVersion
> signalling proposal=C2=B9, which has a significant, negative, privacy imp=
act=C2=B2.
> It
> also increases costs and time in many cases, as you often have to create
> new
> outputs to flag full-rbf.
>
> Thus we have a political tradeoff between a handful of centralized servic=
es
> such as yours that benefit from the first-seen status quo, and the much
> larger
> group of users that use Lightning and coinjoins.

How many users are currently using Lightning and coinjoins today ?

> We've already been through
> such a political tradeoff before with the blocksize debate - again, the
> centralized payment providers lost the debate.

I don=E2=80=99t think this has anything to do with block size debate or
decentralisation just looking to protect a significant use case that has
been in place - GAP600 is by no means the only service provider is this
place there are many merchants who do 0-conf on there own.

>
>
>
> Anyway, my advice to you is to either change your business model to make
> use of
> scalable instant payment tech such as Lightning. Or give up on Bitcoin an=
d
> expand your business with other chians, such as BSV=C2=B3. The fact is so=
me
> hashing
> power is already beginning to run with full-rbf=E2=81=B4, and I fully exp=
ect that
> % to
> increase over time.
>
> 1)
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-November/021=
144.html
> 2)
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-December/021=
250.html
> 3) https://www.gap600.com/bitcoin/gap600-supports-bsv/
> 4)
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-December/021=
260.html
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
>
--=20
________________________________
Daniel Lipshitz
GAP600
www.Gap600.com

--0000000000002447d005efbcb937
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div><br></div><div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=
=3D"gmail_attr">On Tue, 13 Dec 2022 at 23:41 Peter Todd &lt;<a href=3D"mail=
to:pete@petertodd.org">pete@petertodd.org</a>&gt; wrote:<br></div><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-widt=
h:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,20=
4,204)">On Tue, Dec 13, 2022 at 01:33:00PM +0200, Daniel Lipshitz wrote:<br=
>
&gt; I dont think there was anything technical with the implementation and =
as<br>
&gt; far as I can tell this is well developed and ready.<br>
<br>
There are lots of problems with my first-seen-safe proposal. The only reaso=
n I<br>
proposed it in 2015 was as a political compromise.<br>
<br>
&gt; The reasons I can find for not being adopted are listed here -<br>
&gt; <a href=3D"https://bitcoincore.org/en/faq/optin_rbf/" rel=3D"noreferre=
r" target=3D"_blank">https://bitcoincore.org/en/faq/optin_rbf/</a> under - =
Why not First-seen-safe<br>
&gt; Replace-by-fee<br>
&gt; <br>
&gt;=C2=A0 Those reasons do not seem pertinent here - given OptinRBF alread=
y exists<br>
&gt; as an option and the added benefit of continuing to be able to support=
<br>
&gt; 0-conf.<br>
<br>
First-seen-safe is incompatible with the #1 reason why mempoolfullrbf was<b=
r>
merged into Bitcoin Core: multi-party transactions.<br>
<br>
With multi-party transactions such as coinjoins and multi-party lightning<b=
r>
channels, we want full-rbf behavior because it avoids accidental double-spe=
nds<br>
holding up progress in these protocols. </blockquote><div dir=3D"auto">what=
 is meant by accidental double spends ? And do you have any data as to how =
often these occur and would cause harm?</div><div dir=3D"auto"><br></div><b=
lockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-le=
ft-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb=
(204,204,204)" dir=3D"auto">Second, for intentional DoS attacks, it<br>
makes those attacks much more expensive by forcing the attacker to use<br>
tx-pinning.</blockquote><div dir=3D"auto">how are these Dos attacks mitigat=
ed today if Full RBF is not in place ?</div><blockquote class=3D"gmail_quot=
e" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-styl=
e:solid;padding-left:1ex;border-left-color:rgb(204,204,204)" dir=3D"auto"><=
br>
<br>
Nothing less than full-rbf without restritions on outputs works for this<br=
>
use-case. The only compromise possible is Antoine Riard&#39;s spent-nVersio=
n<br>
signalling proposal=C2=B9, which has a significant, negative, privacy impac=
t=C2=B2. It<br>
also increases costs and time in many cases, as you often have to create ne=
w<br>
outputs to flag full-rbf.<br>
<br>
Thus we have a political tradeoff between a handful of centralized services=
<br>
such as yours that benefit from the first-seen status quo, and the much lar=
ger<br>
group of users that use Lightning and coinjoins. </blockquote><div dir=3D"a=
uto">How many users are currently using Lightning and coinjoins today ?</di=
v><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;borde=
r-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color=
:rgb(204,204,204)" dir=3D"auto">We&#39;ve already been through<br>
such a political tradeoff before with the blocksize debate - again, the<br>
centralized payment providers lost the debate.</blockquote><div dir=3D"auto=
">I don=E2=80=99t think this has anything to do with block size debate or d=
ecentralisation just looking to protect a significant use case that has bee=
n in place - GAP600 is by no means the only service provider is this place =
there are many merchants who do 0-conf on there own.=C2=A0</div><blockquote=
 class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:=
1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,=
204)" dir=3D"auto"><br>
<br>
<br>
Anyway, my advice to you is to either change your business model to make us=
e of<br>
scalable instant payment tech such as Lightning. Or give up on Bitcoin and<=
br>
expand your business with other chians, such as BSV=C2=B3. The fact is some=
 hashing<br>
power is already beginning to run with full-rbf=E2=81=B4, and I fully expec=
t that % to<br>
increase over time.<br>
<br>
1) <a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-=
November/021144.html" rel=3D"noreferrer" target=3D"_blank">https://lists.li=
nuxfoundation.org/pipermail/bitcoin-dev/2022-November/021144.html</a><br>
2) <a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-=
December/021250.html" rel=3D"noreferrer" target=3D"_blank">https://lists.li=
nuxfoundation.org/pipermail/bitcoin-dev/2022-December/021250.html</a><br>
3) <a href=3D"https://www.gap600.com/bitcoin/gap600-supports-bsv/" rel=3D"n=
oreferrer" target=3D"_blank">https://www.gap600.com/bitcoin/gap600-supports=
-bsv/</a><br>
4) <a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-=
December/021260.html" rel=3D"noreferrer" target=3D"_blank">https://lists.li=
nuxfoundation.org/pipermail/bitcoin-dev/2022-December/021260.html</a><br>
<br>
-- <br>
<a href=3D"https://petertodd.org" rel=3D"noreferrer" target=3D"_blank">http=
s://petertodd.org</a> &#39;peter&#39;[:-1]@<a href=3D"http://petertodd.org"=
 rel=3D"noreferrer" target=3D"_blank">petertodd.org</a><br>
</blockquote></div></div>-- <br><div dir=3D"ltr" class=3D"gmail_signature" =
data-smartmail=3D"gmail_signature">________________________________<br>Dani=
el Lipshitz<br>GAP600<br><a href=3D"http://www.Gap600.com">www.Gap600.com</=
a><br><br><br></div>

--0000000000002447d005efbcb937--