From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XjZYC-0004F9-Kb for bitcoin-development@lists.sourceforge.net; Wed, 29 Oct 2014 20:09:00 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.108 as permitted sender) client-ip=62.13.148.108; envelope-from=pete@petertodd.org; helo=outmail148108.authsmtp.net; Received: from outmail148108.authsmtp.net ([62.13.148.108]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1XjZYA-0007No-TX for bitcoin-development@lists.sourceforge.net; Wed, 29 Oct 2014 20:09:00 +0000 Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235]) by punt15.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s9TK8pTK035858; Wed, 29 Oct 2014 20:08:51 GMT Received: from savin.petertodd.org (75-119-251-161.dsl.teksavvy.com [75.119.251.161]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s9TK8m04019206 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 29 Oct 2014 20:08:50 GMT Date: Wed, 29 Oct 2014 16:08:48 -0400 From: Peter Todd To: Alex Morcos Message-ID: <20141029200848.GA3458@savin.petertodd.org> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: 66553523-5fa7-11e4-b396-002590a15da7 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aAdMdAsUF1YAAgsB AmIbWVReUFV7XGM7 bA9PbARUfEhLXhtr VklWR1pVCwQmQhVl fRZDUh1ydgxEeHg+ ZEZnXHcVWkJ/cEV4 QE1JEDtXYnphaTUb TRJbfgVJcANIexZF O1F6ACIKLwdSbGoL NQ4vNDcwO3BTJTpY RgYVKF8UXXNDJDMj QAoBHDMgVVEFSm0r KBgnIU9UEV0NM0A7 LVomXxoTNBMfQk1Q EkwvSCJCO1gETjYm FkIy X-Authentic-SMTP: 61633532353630.1023:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 75.119.251.161/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1XjZYA-0007No-TX Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Reworking the policy estimation code (fee estimates) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Oct 2014 20:09:00 -0000 --HcAYCG3uE/tztfnV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 27, 2014 at 03:33:45PM -0400, Alex Morcos wrote: > I've been playing around with the code for estimating fees and found a few > issues with the existing code. I think this will address several > observations that the estimates returned by the existing code appear to be > too high. For instance see @cozz in Issue 4866 > . I don't have time to look at the details of your statistical methods unfortunately due to some deadlines, but a quick comment: You should think about the malleability of your estimates to attackers. For instance the current fee estimation code has a serious issue where it'll happily estimate ludicriously high fees based on very little date. There is a 'insane fees' failsafe, but it's IIRC set to allow transactions with fees of less than 100mBTC/tx, roughly $50 at current exchange rates. It's relatively easy to get a wallet into a condition where this happens as the estimations are considered valid even based on very little data - a simple sybil attack suffices. (e.g. the recently published paper(1) on Tor sybil attacks comes to mind as one example of many ways to do this) Obviously this could empty someone's wallet pretty quickly; an exchange that makes a few dozen transactions an hour could easily lose tens of thousands of dollars due to this exploit. Someone correct me if I'm wrong, but last I checked in git HEAD this exploit is still unfixed. A user-configurable failsafe limit is a pretty obvious solution here, albeit a crude one; it'd be interesting to see if a plausible security argument could be made for something more sophisticated, like taking into account coin-age of observed transactions that estimates are based on. 1) "Bitcoin over Tor isn't a good idea", http://arxiv.org/abs/1410.6079 --=20 'peter'[:-1]@petertodd.org 0000000000000000098d3c9095b47ff1fd692fef5ac6731340802c7c63d38bb0 --HcAYCG3uE/tztfnV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQGrBAEBCACVBQJUUUlNXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDAxZGM5NzRlNjc4YTdjYjY1ZDU1ZTIzNmFlYzQ5MzM3ZjRl ZWIyOGU2ZWU5ODIxOGUvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfv//wf/QxtLEzTYc7AiwB8Km0InHqv3 ZEaMmEIjVHBC8eagecvTKP8Jhs/S10Sy0xqU+bNzp1GE7rwxnawKJuSFXqhE98EV UHn4rO8DxReyqbOlpoqmixmAPkwHc92mw8tsCnpqZaFBohypT5Df9mXZghgfIXB6 lsA4y0cRgxZz+JKCCzcoOgkpHt9xdjc26Wj9nl17L+F49aZt3hVV9CwrU0zSN0JZ S93ZW4IR2Q+kJ3Xox7CDoLkd6ZcUJ3qt2/PZHP1UF2j3h8vLc480E/QHjZxurC5L Izr37FY/2y9bHKhBpkLoQC8LlKnUgnEgauAFpqYacUMga+lj8M04UxkdoU4x5A== =zeWG -----END PGP SIGNATURE----- --HcAYCG3uE/tztfnV--