Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <voisine@gmail.com>) id 1XXLPM-0002hM-7a
	for bitcoin-development@lists.sourceforge.net;
	Fri, 26 Sep 2014 02:37:20 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
	designates 74.125.82.177 as permitted sender)
	client-ip=74.125.82.177; envelope-from=voisine@gmail.com;
	helo=mail-we0-f177.google.com; 
Received: from mail-we0-f177.google.com ([74.125.82.177])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1XXLPL-00069A-AR
	for bitcoin-development@lists.sourceforge.net;
	Fri, 26 Sep 2014 02:37:20 +0000
Received: by mail-we0-f177.google.com with SMTP id t60so8931728wes.22
	for <bitcoin-development@lists.sourceforge.net>;
	Thu, 25 Sep 2014 19:37:13 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.99.34 with SMTP id en2mr43862819wib.34.1411699033078;
	Thu, 25 Sep 2014 19:37:13 -0700 (PDT)
Received: by 10.27.85.163 with HTTP; Thu, 25 Sep 2014 19:37:13 -0700 (PDT)
In-Reply-To: <6165581.aoAyGZkGge@crushinator>
References: <CACq0ZD4Ki=7Tba_2UhmuH-dPCbOnfXrJRcLPc+fP6Uur4FpG_A@mail.gmail.com>
	<1447373.AzvO89eGJS@crushinator>
	<CACq0ZD55G7sAXuu-UxoVJuuk1rwxKKwAPg4qkRoTreD1X2fc9Q@mail.gmail.com>
	<6165581.aoAyGZkGge@crushinator>
Date: Thu, 25 Sep 2014 19:37:13 -0700
Message-ID: <CACq0ZD6sMHW6QEHHqDkaZwEwyfuk1CUjb0BRhzt3B+g+8CoP5A@mail.gmail.com>
From: Aaron Voisine <voisine@gmail.com>
To: Matt Whitlock <bip@mattwhitlock.name>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(voisine[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XXLPL-00069A-AR
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] SPV clients and relaying double spends
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 26 Sep 2014 02:37:20 -0000

Of course you wouldn't want nodes to propagate alerts without
independently verifying them, otherwise anyone could just issue alerts
for every new transaction.

Aaron Voisine
breadwallet.com


On Thu, Sep 25, 2014 at 7:16 PM, Matt Whitlock <bip@mattwhitlock.name> wrot=
e:
> Probably the first double-spend attempt (i.e., the second transaction to =
spend the same output(s) as another tx already in the mempool) would still =
need to be relayed. A simple "double-spend alert" wouldn't work because it =
could be forged. But after there have been two attempts to spend the same o=
utput, no further transactions spending that same output should be relayed,=
 in order to prevent flooding the network.
>
>
> On Thursday, 25 September 2014, at 7:12 pm, Aaron Voisine wrote:
>> Something like that would be a great help for SPV clients that can't
>> detect double spends on their own. (still limited of course to sybil
>> attack concerns)
>>
>> Aaron Voisine
>> breadwallet.com
>>
>>
>> On Thu, Sep 25, 2014 at 7:07 PM, Matt Whitlock <bip@mattwhitlock.name> w=
rote:
>> > What's to stop an attacker from broadcasting millions of spends of the=
 same output(s) and overwhelming nodes with slower connections? Might it be=
 a better strategy not to relay the actual transactions (after the first) b=
ut rather only propagate (once) some kind of double-spend alert?
>> >
>> >
>> > On Thursday, 25 September 2014, at 7:02 pm, Aaron Voisine wrote:
>> >> There was some discussion of having nodes relay double-spends in orde=
r
>> >> to alert the network about double spend attempts.
>> >>
>> >> A lot more users will be using SPV wallets in the future, and one of
>> >> the techniques SPV clients use to judge how likely a transaction is t=
o
>> >> be confirmed is if it propagates across the network. I wonder if and
>> >> when double-spend relaying is introduced, if nodes should also send
>> >> BIP61 reject messages or something along those lines to indicate whic=
h
>> >> transactions those nodes believe to be invalid, but are relaying
>> >> anyway.
>> >>
>> >> This would be subject to sybil attacks, as is monitoring propagation,
>> >> however it does still increase the cost of performing a 0 confirmatio=
n
>> >> double spend attack on an SPV client above just relaying double-spend=
s
>> >> without indicating if a node believes the transaction to be valid.
>> >>
>> >> Aaron Voisine
>> >> breadwallet.com
>> >