Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of coinbase.com
	designates 74.125.82.41 as permitted sender)
	client-ip=74.125.82.41; envelope-from=adrian@coinbase.com;
	helo=mail-wg0-f41.google.com; 
MIME-Version: 1.0
In-Reply-To: <20150619145940.GB5695@savin.petertodd.org>
References: <20150619103959.GA32315@savin.petertodd.org>
	<CABsx9T1pnT=Tty3+tg+EUphLwQrWXf9EEwUOGuyNcdu=4wAqTg@mail.gmail.com>
	<20150619135245.GB28875@savin.petertodd.org>
	<CAMK47c_kCgb6hEUf_JePAC_tBK8aCF1W4f1guiAah-Gj_cFfSw@mail.gmail.com>
	<20150619140815.GA32470@savin.petertodd.org>
	<CAMK47c9NhX2gzCioTycEPXqyYeKRM9XgXuW9MGyj=OdGsKVbFg@mail.gmail.com>
	<20150619145940.GB5695@savin.petertodd.org>
Date: Fri, 19 Jun 2015 08:20:52 -0700
Message-ID: <CAMK47c8Mc8v2C4aG=7GdAQ7ZCR2qXhfq-dktNS7bDa00RdKThw@mail.gmail.com>
From: Adrian Macneil <adrian@coinbase.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=f46d043bdeda3faf3f0518e078ec
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] F2Pool has enabled full replace-by-fee
Precedence: list

--f46d043bdeda3faf3f0518e078ec
Content-Type: text/plain; charset=UTF-8

>
> Unless you're sybil attacking the network and miners, consuming valuable
> resources and creating systemic risks of failure like we saw with
> Chainalysis, I don't see how you're getting "very small" double-spend
> probabilities.
>

So connecting to many nodes just because we can and it's not technically
prevented is bad for the network and creating systemic risks of failure,
but relaying harmful double spend transactions just because you can and
it's not technically prevented, is good for everyone?


> You know, you're creating an interesting bit of game theory here: if I'm
> a miner who doesn't already have a mining contract, why not implement
> full-RBF to force Coinbase to offer me one? One reason might be because
> other miners with such a contract - a majority - are going to be asked
> by Coinbase to reorg you out of the blockchain, but then we have a
> situation where a single entity has control of the blockchain.
>

If someone did enter into contracts with miners to mine certain
transactions, and had a guarantee that the miners would not build on
previous blocks which included double spends, then they would only need
contracts with 51% of the network anyway. So it wouldn't really matter if
you were a small time miner and wanted to run full-RBF.


> For the good of Bitcoin, and your own company, you'd do well to firmly
> state that under no condition will Coinbase ever enter into mining
> contracts.
>

I don't personally see what good this does for bitcoin. Now you are
suggesting that we should prevent a 51% attack by using policy and
promises, rather than a technical solution. How is this any better than us
relying on existing double spend rules which are based on policy and
promises?

--f46d043bdeda3faf3f0518e078ec
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><blo=
ckquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #c=
cc solid;padding-left:1ex">Unless you&#39;re sybil attacking the network an=
d miners, consuming valuable<br>
resources and creating systemic risks of failure like we saw with<br>
Chainalysis, I don&#39;t see how you&#39;re getting &quot;very small&quot; =
double-spend<br>
probabilities.<br></blockquote><div><br></div><div>So connecting to many no=
des just because we can and it&#39;s not technically prevented is bad for t=
he network and creating systemic risks of failure, but relaying harmful dou=
ble spend transactions just because you can and it&#39;s not technically pr=
evented, is good for everyone?</div><div>=C2=A0</div><blockquote class=3D"g=
mail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-l=
eft:1ex">You know, you&#39;re creating an interesting bit of game theory he=
re: if I&#39;m<br>
a miner who doesn&#39;t already have a mining contract, why not implement<b=
r>
full-RBF to force Coinbase to offer me one? One reason might be because<br>
other miners with such a contract - a majority - are going to be asked<br>
by Coinbase to reorg you out of the blockchain, but then we have a<br>
situation where a single entity has control of the blockchain.<br></blockqu=
ote><div><br></div><div>If someone did enter into contracts with miners to =
mine certain transactions, and had a guarantee that the miners would not bu=
ild on previous blocks which included double spends, then they would only n=
eed contracts with 51% of the network anyway. So it wouldn&#39;t really mat=
ter if you were a small time miner and wanted to run full-RBF.</div><div>=
=C2=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;bo=
rder-left:1px #ccc solid;padding-left:1ex">For the good of Bitcoin, and you=
r own company, you&#39;d do well to firmly<br>
state that under no condition will Coinbase ever enter into mining<br>
contracts.<br></blockquote><div><br></div><div>I don&#39;t personally see w=
hat good this does for bitcoin. Now you are suggesting that we should preve=
nt a 51% attack by using policy and promises, rather than a technical solut=
ion. How is this any better than us relying on existing double spend rules =
which are based on policy and promises?</div><div><br></div></div></div></d=
iv>

--f46d043bdeda3faf3f0518e078ec--