š
Original date posted:2023-01-10
šļø Summary of this message: Full-RBF can prevent DoS attacks on multi-party protocols caused by double-spending inputs with low-fee transactions, but the issue can also be solved without it.
š Original message:On 2023-01-09 12:18, Peter Todd via bitcoin-dev wrote:
> [The quote:]
>
> "Does fullrbf offer any benefits other than breaking zeroconf
> business
> practices?"
>
> ...has caused a lot of confusion by implying that there were no
> benefits. [...]
>
> tl;dr: without full-rbf people can intentionally and unintentionally
> DoS attack
> multi-party protocols by double-spending their inputs with low-fee txs,
> holding
> up progress until that low-fee tx gets mined.
Hi Peter,
I'm confused. Isn't this an easily solvable issue without full-RBF?
Let's say Alice, Bob, Carol, and Mallory create a coinjoin transaction.
Mallory either intentionally or unintentionally creates a conflicting
transaction that does not opt-in to RBF.
You seem to be proposing that the other participants force the coinjoin
to complete by having the coinjoin transaction replace Mallory's
conflicting transaction, which requires a full-RBF world.
But isn't it also possible in a non-full-RBF world for Alice, Bob, and
Carol to simply create a new coinjoin transaction which does not include
any of Mallory's inputs so it doesn't conflict with Mallory's
transaction? That way their second coinjoin transaction can confirm
independently of Mallory's transaction.
Likewise, if Alice and Mallory attempt an LN dual funding and Mallory
creates a conflict, Alice can just create an alternative dual funding
with Bob rather than try to use full-RBF to force Mallory's earlier dual
funding to confirm.
> ## Transaction Pinning
>
> Exploiting either rule is expensive.
I think this transaction pinning attack against coinjoins and dual
fundings is also solved in a non-full-RBF world by the honest
participants just creating a non-conflicting transaction.
That said, if I'm missing something and these attacks do actually apply,
then it might be worth putting price figures on the attack in terms most
people will understand. The conflicting inputs attack you described in
the beginning as being solved by full-RBF costs about $0.05 USD at
$17,000/BTC. The transaction pinning attack you imply is unsolved by
full-RBF costs about $17.00. If both attacks apply, any protocol which
is vulnerable to a $17.00 attack still seems highly vulnerable to me, so
it doesn't feel like a stretch to say that full-RBF lacks significant
benefits for those protocols.
Thanks,
-Dave
David A. Harding [ARCHIVE] /
npub16dā¦x4wrd
2023-06-07 23:18:27
in reply to nevent1qā¦86rs
Author Public Key
npub16dt55fpq3a8r6zpphd9xngxr46zzqs75gna9cj5vf8pknyv2d7equx4wrdPublished at
2023-06-07 23:18:27Event JSON
{
"id": "8450370cfb3ef6b42b4038e640f1032de84b1e97d71895332993a0ce194ee7fb",
"pubkey": "d3574a24208f4e3d0821bb4a69a0c3ae842043d444fa5c4a8c49c369918a6fb2",
"created_at": 1686179907,
"kind": 1,
"tags": [
[
"e",
"93af7b1be8797d2a1683551105f962f360fcab88fd5768c2fa8ac19d93416ad2",
"",
"root"
],
[
"e",
"56ccfcb32b9fcb5f82b7d7f68473c5ede5f4dba0297068a2f11e3bdb12b325a3",
"",
"reply"
],
[
"p",
"daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa"
]
],
"content": "š
Original date posted:2023-01-10\nšļø Summary of this message: Full-RBF can prevent DoS attacks on multi-party protocols caused by double-spending inputs with low-fee transactions, but the issue can also be solved without it.\nš Original message:On 2023-01-09 12:18, Peter Todd via bitcoin-dev wrote:\n\u003e [The quote:]\n\u003e \n\u003e \"Does fullrbf offer any benefits other than breaking zeroconf \n\u003e business\n\u003e practices?\"\n\u003e \n\u003e ...has caused a lot of confusion by implying that there were no \n\u003e benefits. [...]\n\u003e \n\u003e tl;dr: without full-rbf people can intentionally and unintentionally \n\u003e DoS attack\n\u003e multi-party protocols by double-spending their inputs with low-fee txs, \n\u003e holding\n\u003e up progress until that low-fee tx gets mined.\n\nHi Peter,\n\nI'm confused. Isn't this an easily solvable issue without full-RBF?\nLet's say Alice, Bob, Carol, and Mallory create a coinjoin transaction.\nMallory either intentionally or unintentionally creates a conflicting\ntransaction that does not opt-in to RBF.\n\nYou seem to be proposing that the other participants force the coinjoin\nto complete by having the coinjoin transaction replace Mallory's\nconflicting transaction, which requires a full-RBF world.\n\nBut isn't it also possible in a non-full-RBF world for Alice, Bob, and\nCarol to simply create a new coinjoin transaction which does not include\nany of Mallory's inputs so it doesn't conflict with Mallory's\ntransaction? That way their second coinjoin transaction can confirm\nindependently of Mallory's transaction.\n\nLikewise, if Alice and Mallory attempt an LN dual funding and Mallory\ncreates a conflict, Alice can just create an alternative dual funding\nwith Bob rather than try to use full-RBF to force Mallory's earlier dual\nfunding to confirm.\n\n\u003e ## Transaction Pinning\n\u003e \n\u003e Exploiting either rule is expensive.\n\nI think this transaction pinning attack against coinjoins and dual\nfundings is also solved in a non-full-RBF world by the honest\nparticipants just creating a non-conflicting transaction.\n\nThat said, if I'm missing something and these attacks do actually apply,\nthen it might be worth putting price figures on the attack in terms most\npeople will understand. The conflicting inputs attack you described in\nthe beginning as being solved by full-RBF costs about $0.05 USD at\n$17,000/BTC. The transaction pinning attack you imply is unsolved by\nfull-RBF costs about $17.00. If both attacks apply, any protocol which\nis vulnerable to a $17.00 attack still seems highly vulnerable to me, so\nit doesn't feel like a stretch to say that full-RBF lacks significant\nbenefits for those protocols.\n\nThanks,\n\n-Dave",
"sig": "38d7163688aed920453dd417542ab4be2bd3c45a65b7d767f6db32c33255199236f9e0652bcc92fc6399eca08ac8cb5116dfbfaccf769bd7e828d2928cbd768d"
}