📅 Original date posted:2019-01-30
📝 Original message:On Tue, Jan 29, 2019 at 6:46 PM <rhavar at protonmail.com> wrote:
>
> If the sender refuses to sign the final transaction, the receiver just
> propagates the template transaction which pays the receiver! So it's a
> pretty weak attack.
>
> The only real attack is that the sender could double-spend the
> template-transaction before it's propagated, but the cost of doing this
> isn't free, as at the very least you need to pay the transaction fees of
> creating a double spend. It's not an amazingly good defence, but it's good
> enough that it's unlikely to get abused (and an attacker would only learn a
> single utxo of the receiver) .
>
Okay, I see what you mean. I better understand the weaknesses you've
identified, and I can't really think of a better solution than what you've
proposed. I also realized that implementors who aren't capable of
integrating signing and UTXO validation wouldn't be the ones trying to
implement this feature, so my concerns there are also moot. Carry on ;)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190130/f26a6e84/attachment.html>;
James MacWhyte [ARCHIVE] /
npub12t…pye9h
2023-06-07 18:16:06
in reply to nevent1q…sp0d
Author Public Key
npub12tjaqer27049ejmvf0f3yd7kq6p93gg6ecavgrczge4rlzf59y5q2pye9hSeen on
wss://relay.nostr.bandPublished at
2023-06-07 18:16:06Event JSON
{
"id": "735629905424029e27f2a14c2679cc083930a8341c910c9c713b4a444059717e",
"pubkey": "52e5d0646af3ea5ccb6c4bd31237d6068258a11ace3ac40f02466a3f89342928",
"created_at": 1686161766,
"kind": 1,
"tags": [
[
"e",
"6bf8222a49fb4148a6986f21159197ddd99c2184c35c708b7835bd3a64813579",
"",
"root"
],
[
"e",
"bb6f3b6f352dfe03cea38c88404875212971a4172c84f30d5c4fa9bf8a3d27c0",
"",
"reply"
],
[
"p",
"47ed572f0827eaf63c4354055640c8a61ef11a2948d31eec71d2828345386c4a"
]
],
"content": "📅 Original date posted:2019-01-30\n📝 Original message:On Tue, Jan 29, 2019 at 6:46 PM \u003crhavar at protonmail.com\u003e wrote:\n\n\u003e\n\u003e If the sender refuses to sign the final transaction, the receiver just\n\u003e propagates the template transaction which pays the receiver! So it's a\n\u003e pretty weak attack.\n\u003e\n\u003e The only real attack is that the sender could double-spend the\n\u003e template-transaction before it's propagated, but the cost of doing this\n\u003e isn't free, as at the very least you need to pay the transaction fees of\n\u003e creating a double spend. It's not an amazingly good defence, but it's good\n\u003e enough that it's unlikely to get abused (and an attacker would only learn a\n\u003e single utxo of the receiver) .\n\u003e\n\nOkay, I see what you mean. I better understand the weaknesses you've\nidentified, and I can't really think of a better solution than what you've\nproposed. I also realized that implementors who aren't capable of\nintegrating signing and UTXO validation wouldn't be the ones trying to\nimplement this feature, so my concerns there are also moot. Carry on ;)\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190130/f26a6e84/attachment.html\u003e",
"sig": "38faab8798790747fa12afc07942cb61f588f74b29f0c00b1e9d10b9f2ec8912e4cafcba67f119213025aca9c41134045597d2eb4e486dd99951101a576ec3cc"
}