From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 6877A710 for ; Thu, 8 Mar 2018 18:34:37 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail148101.authsmtp.com (outmail148101.authsmtp.com [62.13.148.101]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5F839466 for ; Thu, 8 Mar 2018 18:34:35 +0000 (UTC) Received: from mail-c247.authsmtp.com (mail-c247.authsmtp.com [62.13.128.247]) by punt21.authsmtp.com. (8.15.2/8.15.2) with ESMTP id w28IYWo0098460; Thu, 8 Mar 2018 18:34:32 GMT (envelope-from pete@petertodd.org) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id w28IYUUw023377 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 8 Mar 2018 18:34:31 GMT (envelope-from pete@petertodd.org) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 34C5940146; Thu, 8 Mar 2018 18:34:29 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id 9FF78203B0; Thu, 8 Mar 2018 13:34:26 -0500 (EST) Date: Thu, 8 Mar 2018 13:34:26 -0500 From: Peter Todd To: "Russell O'Connor" Message-ID: <20180308183426.GA1093@fedora-23-dvm> References: <20180212225828.GB8551@fedora-23-dvm> <20180212234225.GA9131@fedora-23-dvm> <20180301151129.GA9373@fedora-23-dvm> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="MGYHOYXEY6WxJCY8" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Server-Quench: 578737f2-22ff-11e8-8106-0015176ca198 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aAdMdgoUFVQGAgsB Am4bWlxeU1l7WmI7 bghPaBtcak9QXgdq T0pMXVMcUwdgeHVk Y1keUBpxcAIIf3tx ZwhnWXhcX0Msd1t/ QBgCCGwHMG99YGEf Vl1YdwJRcQRMLU5E Y1gxNiYHcQ5VPz4z GA41ejw8IwAXEilL QxoMMVMUTg4hPwZ0 HkpfVQ8FMwUdQCEy JA1gQkpS X-Authentic-SMTP: 61633532353630.1038:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 52.5.185.120/25 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Revisiting BIP 125 RBF policy. X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Mar 2018 18:34:37 -0000 --MGYHOYXEY6WxJCY8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 08, 2018 at 10:39:46AM -0500, Russell O'Connor wrote: > On Thu, Mar 1, 2018 at 10:11 AM, Peter Todd wrote: > > I mean, I think in general solving this problem is probably not possibl= e. > > Basically, the fundamental problem is someone else has consumed network > > bandwidth that should be paid for with fees. What you're trying to do is > > replace a transaction without paying those fees, which is identical to > > what an > > attacker is trying to do, and thus any such scheme will be as vulnerabl= e to > > attack as not having that protection in the first place. > > > > ...which does give you an out: maybe the attack isn't important enough = to > > matter. :) > > >=20 > Thanks, that makes sense. >=20 > I still think it is worthwhile pursuing this proposed change in RBF policy > as it would seem that the current policy is problematic in practice today > where participants are just performing normal transactions and are not > trying to attack each other. But that's not a good argument: whether or not normal users are trying to attack each other has nothing to do with whether or not you're opening up an attack by relaxing anti-DoS protections. Equally, how often are normal users who aren't attacking each other creating issues anyway? You can always have your wallet code just skip use of RBF replacements in the event that someone does spend an unconfirmed output that you sent them; how often does this actually happen in practice? Not many wallets let you spend unconfirmed outputs that you didn't create. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --MGYHOYXEY6WxJCY8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQGSBAEBCAB8FiEEFcyURjhyM68BBPYTJIFAPaXwkfsFAlqhgiteFIAAAAAAFQBA YmxvY2toYXNoQGJpdGNvaW4ub3JnMDAwMDAwMDAwMDAwMDAwMDAwMzFmOTYxY2Ri YjQ3MjliNjcxMGVmOTg5MWY4M2QxMDljODA0ODg5NTllMDFjYwAKCRAkgUA9pfCR +6U2B/0VEFHT7jYk1VXpc16EpBX+xYoiK5+98GjtkZ9r416bI2DDKyDp85C5PQqd 8kOkOKAqy2vbRYhGXZRYIJkcMChjMHF/s2Va2ZuZ1OlTf4G9TOES+Jcqr8sdN9+l WwN/EXPoaIMrzvu9WCQ/y2FVKJ6idVsZhfy/3G7oVryKCOQj6Y2e2PN0O1OhU7wF 29FdVbYr8GC2kH6vaB05PYbJUBnQDkKRiL+lfOuh5r4j2HGxNnaYFxQSBi5Hsy72 jYzPyJPvFKfRianGntRFSOdCBJB/w2ltQHOPhVo3o6BpxZfPkqV8XLf2vQeRYIWE KKPCF2k65S3OfVgqF+4kjtj55sgW =Cwr1 -----END PGP SIGNATURE----- --MGYHOYXEY6WxJCY8--