Return-Path: Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 3A65DC002D for ; Tue, 10 Jan 2023 10:03:23 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 0669160F8C for ; Tue, 10 Jan 2023 10:03:23 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 0669160F8C Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm3 header.b=M21AaGiV X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.603 X-Spam-Level: X-Spam-Status: No, score=-2.603 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KKC740tIkFYc for ; Tue, 10 Jan 2023 10:03:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 2765860E92 Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com [64.147.123.25]) by smtp3.osuosl.org (Postfix) with ESMTPS id 2765860E92 for ; Tue, 10 Jan 2023 10:03:20 +0000 (UTC) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id EC9D23200987; Tue, 10 Jan 2023 05:03:19 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Tue, 10 Jan 2023 05:03:20 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1673344999; x=1673431399; bh=2LtDd3lAfDcxK2DvwsElJ6dj/dTf xPQ/62E5Oc2SC8s=; b=M21AaGiVIaSZb1DBzc+p+gIR96wlmfSTPHoCNw9eTCzF QAWASrQU9tnx5F5W2B8on0nc+M8Ca0xRCo4u5eiCnxWEzxC/ILfpnfPu05855u7P ITgCwC0dWj/vUG68Xdg0EA63mSPUiwk2t5dXT0oZY0g2CpWUMRWfNKb90WDJBn3Y sy4Qh60Noo/+0jkEwpCJ9ERrQXUQPHAlF/wEH2mlBNUadGx3I7dL4QwzMrwUcva8 7obZ3Lhl8lRf11UndvJBJsqoEEFRBjKK/n/Bi5WecIGQWRBPilVw8lKgVSVEVWB0 MH7pEKeP4oPQUodpFOa5QnHOuAS54g/z1v7xk1qqvA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrkeekgdduudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvfevuffkfhggtggujgesghdtre ertddtvdenucfhrhhomheprfgvthgvrhcuvfhougguuceophgvthgvsehpvghtvghrthho uggurdhorhhgqeenucggtffrrghtthgvrhhnpeegleetffelteektdelffdthfejheduud evtefhffeggfejieeijedtjedvtdeiieenucffohhmrghinhepghhithhhuhgsrdgtohhm pdhtfihithhtvghrrdgtohhmpdhpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrh fuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthho uggurdhorhhg X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 10 Jan 2023 05:03:19 -0500 (EST) Received: by localhost (Postfix, from userid 1000) id C9A715F823; Tue, 10 Jan 2023 05:03:16 -0500 (EST) Date: Tue, 10 Jan 2023 05:03:16 -0500 From: Peter Todd To: alicexbt Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="AMLAtdOZ1UAiPETv" Content-Disposition: inline In-Reply-To: Cc: bitcoin-dev@lists.linuxfoundation.org Subject: Re: [bitcoin-dev] Why Full-RBF Makes DoS Attacks on Multiparty Protocols Significantly More Expensive X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jan 2023 10:03:23 -0000 --AMLAtdOZ1UAiPETv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jan 10, 2023 at 09:19:39AM +0000, alicexbt wrote: > Hi Peter, >=20 > > ## How Full-RBF Mitigates the Double-Spend DoS Attack > >=20 > > Modulo tx-pinning, full-rbf mitigates the double-spend DoS attack in a = very > > straightforward way: the low fee transaction is replaced by the higher = fee > > transaction, resulting in the latter getting mined in a reasonable amou= nt of > > time and the protocol making forward progress. >=20 > Asking this question based on a [discussion on twitter][0]. How would you= get extra sats to increase the fees? You're misunderstanding the issue. There is no need for extra sats to incre= ase fees. Coinjoin transactions already have fees set at a level at which you'd expect them to be mined in a reasonable amount of time. Full-RBF ensures th= at, modulo tx pinning, either the coinjoin gets mined, or any double-spend has = to have a high enough feerate that it will be mined in a reasonable amount of = time as well. > It seems this would be possible with Joinmarket, Wasabi and even joinstr = although things would get worse for Whirlpool. Whirlpool coinjoin transacti= ons do not signal BIP 125 RBF so they were not replaceable earlier Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at b= est, some rather insane technical decisions. Quite likely downright malicious wi= th their xpub collection. Their opinion isn't relevant. Cite reputable sources. Anyway, Wasabi would like to move to making coinjoins opt-in to RBF. Though full-rbf may come sooner; for technical reasons opt-in RBF is ugly to imple= ment now as activation needs to be coordinated accross all clients: https://github.com/zkSNACKs/WalletWasabi/issues/9041#issuecomment-1376653020 > however attacker would be able to perform DoS attacks now by double spend= ing their inputs used in coinjoin. As I explained, attackers can already do this with or without full-rbf simp= ly by picking the right time to broadcast the double spend. It's not an effect= ive attack anyway: with a UTXO you can already hold up a coinjoin round by simp= ly failing to complete stage #2 of the coinjoin. Actually doing a double-spend simply guarantees that you're spending money on it. It's only effective with low-fee double-spends in the absence of full-rbf. > [0]: https://twitter.com/dammkewl/status/1599692908860706818 This tweet is nuts. Eg "Gives well connected mining pools an added advantag= e" is simply false. Full-RBF does the exact opposite. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --AMLAtdOZ1UAiPETv Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmO9N+IACgkQLly11TVR Lzc7Qg/8CiKyX8GuvI3dmx9IwVpzwRlmPWz2zqZcHsuW+jmKO2okq5fiIFcXRIMr O0hR4SPtk9cVqDOdZSrvXvGS4UwaQkiTX3bkxOZVpWWT7JviFEo6zeb+0iW0UHKP n2OWweRrhnPXLO0sOQgoZ5SGiGlUMlZ2Jebon2YL9ECHyjPkEbaJe+4BzIXd3Bsb BlUHtAT2pSoNWuKs1dfI7TLlyQQGHqB0D/3iShuV/F0WhY79p38QL+1Is/Iqt9Hi L7FBGgPMi2Oh7ynTN4spLy8akGJwDEKN2s5Ks6DVsbJPHDscZJzb//s8Pt4huOCF MOdwMXwrgQYspkvWQgjS7y0nVel/QkTevGhJsb8jgPFsjyBZij3YZKSnYrT0lhDb mAQaqdoIpq5a3Uc7QW6fm27tWyqxcKWfV3JBNi0mzt1s5xA4Ajdsim9v9U04+jVu CcfU1vh282GNgByMopiqf59Ib59lPCeGLLp4elDQPMRyJWftdNuPIRNmNTVtsG2r I/WqoYYfrqaN++QtWtQf3LsFWcrmG/o3lhoHys+U2RP0yaWG+Bqm8rUkCrN/p+6F 6HOToKXecqb983OBtZyUn7bZJHFQL9dGuUMenn4Ja4fydc45k7JcQA3f8C8Ax4ol A4RRcXqBcQChKFtzlkGL6D7Ai+xyAItf9nl0OjJQgelANL+EurE= =bngQ -----END PGP SIGNATURE----- --AMLAtdOZ1UAiPETv--