summaryrefslogtreecommitdiff
path: root/d4/43307bc27ce50dc6cdf8b59c7e50635a7cf684
blob: 9032d999c0a991d7268cb97abe0bf45ce4a23f92 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
Return-Path: <pete@petertodd.org>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
 by lists.linuxfoundation.org (Postfix) with ESMTP id A0C7DC0032;
 Fri, 20 Oct 2023 11:03:51 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp2.osuosl.org (Postfix) with ESMTP id 5C413432D9;
 Fri, 20 Oct 2023 11:03:51 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 5C413432D9
Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key,
 unprotected) header.d=messagingengine.com header.i=@messagingengine.com
 header.a=rsa-sha256 header.s=fm3 header.b=ZNkHh//C
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001,
 RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
 by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id G3l054IhS0Mq; Fri, 20 Oct 2023 11:03:50 +0000 (UTC)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com
 [64.147.123.21])
 by smtp2.osuosl.org (Postfix) with ESMTPS id F28F740C14;
 Fri, 20 Oct 2023 11:03:49 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org F28F740C14
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.west.internal (Postfix) with ESMTP id C094232009D2;
 Fri, 20 Oct 2023 07:03:48 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Fri, 20 Oct 2023 07:03:49 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-type:content-type:date:date
 :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
 :message-id:mime-version:references:reply-to:sender:subject
 :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm3; t=1697799828; x=1697886228; bh=aSlCCJ70AEmzb
 TtqRm66OEOPSPUs3YN+PW4hpKJNrR4=; b=ZNkHh//CdjJn7JGGCuLppVQxLvjPD
 e1e5VsAKxko4RFMg4MTZIXfgyz3YecJ6Na0c+NzmWiGgPLZ0evemLbZmOHIbZldY
 CbcmW4Ft/0IlQbbvSrgFc7WQkk3a0XCto5695V89n7SlhRFfulQQmtnAJz2oHcwH
 zJr2ugrjf+9XLoDTqLD4TLhrdGB+16HdEsirSo0j65uvtnoObOJ/29pRA6pJtB8d
 bFdF+pHcKOnKWbSBPnL6wLbgg43z2UIe0yIUOrYaKSCE0wBl0yh3OhNskLu6qolO
 wH5RjXCaPIHSoiZMgPFoURvLlmSsT33h0hgogiw3A4JoHtuo1f6DTrROA==
X-ME-Sender: <xms:k14yZVFhfpN44Z1bXaD4ceXeKw57HUXVRuPV7JU9IxN6rfzGXqzp0g>
 <xme:k14yZaVR4JTAD3nNsRI5d1-gS4ib64Vo6uipH5vJQImx_JPEhsxQwnAU-32EZA0Xo
 q9pmnlOtdY1MikcJKk>
X-ME-Received: <xmr:k14yZXJZWT5v51V_r7SAdotFOvkSc6Q3h7L5nsl1Zcs6GZgeG7lt6mkOKw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrjeekgdefgecutefuodetggdotefrodftvf
 curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
 uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc
 fjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghr
 ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg
 hrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefhjedt
 necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg
 eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggurdho
 rhhg
X-ME-Proxy: <xmx:k14yZbHtYmi_eMA-uchXgIQNeVnokRaK2u_6MnhYHP8nXv8XvyybEg>
 <xmx:k14yZbX-Gy2v5U4xEwTWXTsOH2kVJN6v8STBJJQ9VkGimKqG727v0A>
 <xmx:k14yZWOthKGQ20otLRwJP2ybNe5W2TvLrErbmIKmTJkmOXgzfhbVfQ>
 <xmx:lF4yZRfAXgzyAxxxL9NFkFAHs_UovDtwEaAIPZXlYZCol_eryV6juA>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 20 Oct 2023 07:03:47 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
 id 717DF5F844; Fri, 20 Oct 2023 11:03:43 +0000 (UTC)
Date: Fri, 20 Oct 2023 11:03:43 +0000
From: Peter Todd <pete@petertodd.org>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Message-ID: <ZTJej/ipIl5hZIUn@petertodd.org>
References: <CALZpt+GdyfDotdhrrVkjTALg5DbxJyiS8ruO2S7Ggmi9Ra5B9g@mail.gmail.com>
 <eW4O0HQJ2cbrzZhXSlgeDRWuhgRHXcAxIQCHJiqPh1zUxr270xPvl_tb7C4DUauZy56HaCq6BqGN9p4k-bkqQmLb4EHzPgIxZIZGVPlqyF0=@protonmail.com>
 <64VpLnXQLbeoc895Z9aR7C1CfH6IFxPFDrk0om-md1eqvdMczLSnhwH29T6EWCXgiGQiRqQnAYsezbvNvoPCdcfvCvp__Y8BA1ow5UwY2yQ=@protonmail.com>
 <ZTJW59wQ/4WLZt2h@petertodd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="NcCIjXxIxSiaTQ3X"
Content-Disposition: inline
In-Reply-To: <ZTJW59wQ/4WLZt2h@petertodd.org>
Cc: security@ariard.me,
 "lightning-dev\\\\\\\\\\\\\\\\@lists.linuxfoundation.org"
 <lightning-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Lightning-dev] Full Disclosure: CVE-2023-40231 /
 CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are
 belong to us"
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Oct 2023 11:03:51 -0000


--NcCIjXxIxSiaTQ3X
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Oct 20, 2023 at 10:31:03AM +0000, Peter Todd via bitcoin-dev wrote:
> As I have suggested before, the correct way to do pre-signed transactions=
 is to
> pre-sign enough *different* transactions to cover all reasonable needs for
> bumping fees. Even if you just increase the fee by 2x each time, pre-sign=
ing 10
> different replacement transactions covers a fee range of 1024x. And you
> obviously can improve on this by increasing the multiplier towards the en=
d of
> the range.

To be clear, when I say "increasing the multiplier", I mean, starting with a
smaller multiplier at the beginning of the range, and ending with a bigger =
one.

Eg feebumping with fee increases pre-signed for something like:

    1.1
    1.2
    1.4
    1.8
    2.6
    4.2
    7.4

etc.

That would use most of the range for smaller bumps, as a %, with larger % b=
umps
reserved for the end where our strategy is changing to something more
"scorched-earth"

And of course, applying this idea properly to commitment transactions will =
mean
that the replacements may have HTLCs removed, when their value drops below =
the
fees necessary to get those outputs mined.

Note too that we can sign simultaneous variants of transactions that deduct=
 the
fees from different party's outputs. Eg Alice can give Bob the ability to
broadcast higher and higher fee txs, taking the fees from Bob's output(s), =
and
Bob can give Alice the same ability, taking the fees from Alice's output(s)=
=2E I
haven't thought through how this would work with musig. But you can certain=
ly
do that with plain old OP_CheckMultisig.

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--NcCIjXxIxSiaTQ3X
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmUyXowACgkQLly11TVR
Lzervw//adPoWu3UnQEG4j7/YBXG7A8Gt2XBJBylS9lffdH4nZjp8uncbcFeYPQJ
A6h4TnnkxbY1bGpxhhQq6dW3uQGkbjzjbzUlMnC7uU4ohZbqL2MaLqVlS0R8rvcE
4kJxqOvxzkQ6ykhw7MzlgDvydNY5HGIcKNEjhCVZCDVthx+Va4BHScL/5DT6wQ+r
S0n064HdfNe4VuHqByYFpDhpqA/S+o6P+GpxHD+Q6xi6Qu18keImFEoLFDsPyvTV
BrzuNlkDOUmkzE9mKokuHjG/8taT1QPcgf9oYshoI+IXvr+vX1EvK7gu6+GRAIEv
aRvkDH/wcvHL+2gAWq8S8jrwUNrllT2ak5x/O7/YQgC0pVyoudPJGM/UPTAPVOvz
CIm2osBf8fr4QsVp4y99TmPTs/L3qyAELkRr8jbcSUqWtwPtFgOhWiuIia/jcSgI
wZYkQvca6d+yEZ4q6qTuIiytG7Qkm9VXMgec6UQshot4Y25JcJC5HWBti67hVPj9
2bKYF9HELb2x7XlYYJXPWYfGXKQfvg+Pwhje5K4YRUqx9TmUJhuu8GCugdqS9U5C
2U1RZNCWH1BO8pIAz8XXljFn2ynWSBY1gtkPJdUwDHFumKw1uQHVvs2faa6+bbFG
k8P8oNtuKZgedRkg0mvL+/XkFU0Xq1xf3krkTwG3xd+zg+7pplQ=
=tv9f
-----END PGP SIGNATURE-----

--NcCIjXxIxSiaTQ3X--