Date: Wed, 27 Mar 2024 12:54:54 +0000
From: Peter Todd <pete@petertodd.org>
To: Antoine Riard <antoine.riard@gmail.com>
Cc: "David A. Harding" <dave@dtrt.org>, bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6
Message-ID: <ZgQXHpraCWeEyDKe@petertodd.org>
References: <Zfg/6IZyA/iInyMx@petertodd.org>
 <012f89763cc336cd91eec13dccefc921@dtrt.org>
 <CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com>
In-Reply-To: <CALZpt+HNiwie1RNJOi9WJs-F2=YSvFdwCDfdNDuTdUuSf_kTBg@mail.gmail.com>

On Wed, Mar 27, 2024 at 06:27:47AM +0000, Antoine Riard wrote:
> Hi Dave,
> 
> > Could you tell us more about the disclosure process you followed?  I'm
> > surprised to see it disclosed without any apparent attempt at patching.
> > I'm especially concerned given your past history of publicly revealing
> > vulnerabilities before they could be quietly patched[1] and the conflict
> > of interest of you using this disclosure to advocate for a policy change
> > you are championing.
> 
> In defense of Peter, I don't think there is a low-hanging fruit that could
> have been landed easily in Bitcoin Core. The most obvious ones could have been
> a) to reduce `MAX_STANDARD_TX_WEIGHT` or b) a new rule `max_replacement_bandwidth`
> or c) a new absolute-fee based penalty on bandwidth replacement cost.

To be clear, I _did_ disclose the issue on bitcoin-security and no-one had any
objections to disclosing it publicly.

> All hard to integrate in a covert fashion without attracting some attention
> from the community, which would certainly ask why we're changing the marginal
> bandwidth cost, potentially impacting unfavorably some use-cases.
> 
> Certainly, Peter's report could have integrated a disclosure timeline at the
> example of CVE-2018-17144 [0], which I can recommend to anyone to follow
> doing security research or servicing as a security point of contact in our field.

Since this attack is just a relatively minor extension of existing, publicly
disclosed, attacks, I don't think there was any need for formal disclosure
timelines. It's interesting that the attack exists; it does not substantially
change the status quo.

I don't believe the other attacks in this attack class are even possible to
fix. We just have to live with the fact that a degree of free relay is always
going to be possible.

> I don't see the conflict of interest in the present disclosure? It is
> public information that Peter is championing RBFR [1]. I'm not aware of any
> private interest unfavorably influencing Peter's behavior in the conduct of
> this security issue disclosure.

Well, there is a conflict of interest in trying to keep this issue under wraps:
Replace-By-Fee-Rate benefits from public discussion of the fact that many
different free-relay attacks are possible. The arguments against RBFR mainly
hinge on the idea that free-relay is preventable.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org
