📅 Original date posted:2018-05-30
📝 Original message:Rusty Russell <rusty at rustcorp.com.au> writes:
> AFAICT the optimal DoS is where:
>
> 1. Attacker sends a 100,000 vbyte tx @1sat/vbyte.
> 2. Replaces it with a 108 vbyte tx @2sat/vbyte which spends one of
> those inputs.
> 3. Replaces that spent input in the 100k tx and does it again.
>
> It takes 3.5 seconds to propagate to 50% of network[1] (probably much worse
> given 100k txs), so they can only do this about 86 times per block.
>
> That means they send 86 * (100000 + 108) = 8609288 vbytes for a cost of
> 86 * 2 * 108 + 100000 / 2 = 68576 satoshi (assuming 50% chance 100k tx
> gets mined).
This 50% chance assumption is wrong; it's almost 0% for a low enough
fee. Thus the cost is only 18576, making the cost for the transactions
463x lower than just sending 1sat/vbyte txs under optimal conditions.
That's a bit ouch.[1]
I think a better solution is to address the DoS potential directly:
if a replacement doesn't meet #3 or #4, but *does* increase the feerate
by at least minrelayfee, processing should be delayed by 30-60 seconds.
That means that eventually you will RBF a larger tx, but it'll take
much longer. Should be easy to implement, too, since similar timers
will be needed for dandelion.
Cheers,
Rusty.
[1] Christian grabbed some more detailed propagation stats for me: larger
txs do propagate slower, but only by a factor of 2.5 or so.
Rusty Russell [ARCHIVE] /
npub1zw…hkhpx
2023-06-07 18:11:59
in reply to nevent1q…88yu
Author Public Key
npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpxPublished at
2023-06-07 18:11:59Event JSON
{
"id": "b5dad426a1f19c921a0d5c194825220db3728766bdb9a68fba2ff76434dd7dda",
"pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425",
"created_at": 1686161519,
"kind": 1,
"tags": [
[
"e",
"caee4e3828cad70a0aa9bfba9569480bc6157a528d4896eeab11f571613a9d97",
"",
"root"
],
[
"e",
"f95dff34d0b51d129385589efe5794c8448cd83f49cfe2847a31f653705ba496",
"",
"reply"
],
[
"p",
"13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425"
]
],
"content": "📅 Original date posted:2018-05-30\n📝 Original message:Rusty Russell \u003crusty at rustcorp.com.au\u003e writes:\n\u003e AFAICT the optimal DoS is where:\n\u003e\n\u003e 1. Attacker sends a 100,000 vbyte tx @1sat/vbyte.\n\u003e 2. Replaces it with a 108 vbyte tx @2sat/vbyte which spends one of\n\u003e those inputs.\n\u003e 3. Replaces that spent input in the 100k tx and does it again.\n\u003e\n\u003e It takes 3.5 seconds to propagate to 50% of network[1] (probably much worse\n\u003e given 100k txs), so they can only do this about 86 times per block.\n\u003e\n\u003e That means they send 86 * (100000 + 108) = 8609288 vbytes for a cost of\n\u003e 86 * 2 * 108 + 100000 / 2 = 68576 satoshi (assuming 50% chance 100k tx\n\u003e gets mined).\n\nThis 50% chance assumption is wrong; it's almost 0% for a low enough\nfee. Thus the cost is only 18576, making the cost for the transactions\n463x lower than just sending 1sat/vbyte txs under optimal conditions.\nThat's a bit ouch.[1]\n\nI think a better solution is to address the DoS potential directly:\nif a replacement doesn't meet #3 or #4, but *does* increase the feerate\nby at least minrelayfee, processing should be delayed by 30-60 seconds.\n\nThat means that eventually you will RBF a larger tx, but it'll take\nmuch longer. Should be easy to implement, too, since similar timers\nwill be needed for dandelion.\n\nCheers,\nRusty.\n[1] Christian grabbed some more detailed propagation stats for me: larger\n txs do propagate slower, but only by a factor of 2.5 or so.",
"sig": "ef2c3d4bfa94e2d4d4bd2d30d0c41fe55a0f665998a353e806550189d437207e5d8ffcf88feb4e0cbd40b888ecb57ec5946fc75da521abdc70136d23f5175ab0"
}