📅 Original date posted:2019-01-30
📝 Original message:James
On Sun, Jan 27, 2019 at 2:11 PM <rhavar at protonmail.com> wrote:
>
> It isn't passed "back and forth so many times".
>
You are right, I got the wrong impression the first time I read it.
> This is an important anti-DoS/anti-spy tactic, as it proves the sender
> actually owns those inputs and if the protocol is not followed to
> completion, the transaction can be dumped on the network.
>
I'm not convinced this is a valid concern, at least not valid enough to add
extra complications to the process. The sender could still refuse to sign
the final transaction after they see the recipient's in-/outputs; "show me
yours and I'll show you mine" isn't much of a spy deterrent, and nothing
here prevents a DOS attack.
As an implementor, I would suggest keeping the protocol as simple as
possible. By dropping the signing in the first step, the recipient doesn't
need to maintain the ability to lookup and verify unspent outputs. It also
would enforce the increased privacy, which the sender obviously wants if
they are going down this path (in other words, either have the process
complete or fail -- don't give the recipient the ability to broadcast the
not-private transaction against the wishes of the sender).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190129/e3d08376/attachment.html>;
James MacWhyte [ARCHIVE] /
npub12t…pye9h
2023-06-07 18:16:05
in reply to nevent1q…tx0n
Author Public Key
npub12tjaqer27049ejmvf0f3yd7kq6p93gg6ecavgrczge4rlzf59y5q2pye9hPublished at
2023-06-07 18:16:05Event JSON
{
"id": "68114f160a404f39142fb274c4e612a3d6aa7c8347820cd75ee422066b9e8034",
"pubkey": "52e5d0646af3ea5ccb6c4bd31237d6068258a11ace3ac40f02466a3f89342928",
"created_at": 1686161765,
"kind": 1,
"tags": [
[
"e",
"6bf8222a49fb4148a6986f21159197ddd99c2184c35c708b7835bd3a64813579",
"",
"root"
],
[
"e",
"59a4e5dbdbd30ef6947b6cf53b90b2d56b97e764b417ebde8f96bb15c7662134",
"",
"reply"
],
[
"p",
"47ed572f0827eaf63c4354055640c8a61ef11a2948d31eec71d2828345386c4a"
]
],
"content": "📅 Original date posted:2019-01-30\n📝 Original message:James\n\n\nOn Sun, Jan 27, 2019 at 2:11 PM \u003crhavar at protonmail.com\u003e wrote:\n\n\u003e\n\u003e It isn't passed \"back and forth so many times\".\n\u003e\n\nYou are right, I got the wrong impression the first time I read it.\n\n\n\u003e This is an important anti-DoS/anti-spy tactic, as it proves the sender\n\u003e actually owns those inputs and if the protocol is not followed to\n\u003e completion, the transaction can be dumped on the network.\n\u003e\n\nI'm not convinced this is a valid concern, at least not valid enough to add\nextra complications to the process. The sender could still refuse to sign\nthe final transaction after they see the recipient's in-/outputs; \"show me\nyours and I'll show you mine\" isn't much of a spy deterrent, and nothing\nhere prevents a DOS attack.\n\nAs an implementor, I would suggest keeping the protocol as simple as\npossible. By dropping the signing in the first step, the recipient doesn't\nneed to maintain the ability to lookup and verify unspent outputs. It also\nwould enforce the increased privacy, which the sender obviously wants if\nthey are going down this path (in other words, either have the process\ncomplete or fail -- don't give the recipient the ability to broadcast the\nnot-private transaction against the wishes of the sender).\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190129/e3d08376/attachment.html\u003e",
"sig": "478e95cbf10348cf2eb177520f3bc7a2a074120ae8096e38bbf3ae18091ecbe664452c16e40a64112ab3d799348e42e80d07d67e1aca249d671726492bddc25e"
}