public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: "Russell O'Connor" <roconnor@blockstream.io>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Revisiting BIP 125 RBF policy.
Date: Fri, 9 Mar 2018 13:28:03 -0500	[thread overview]
Message-ID: <20180309182803.GE2786@fedora-23-dvm> (raw)
In-Reply-To: <CAMZUoKkDnJv33H-DveHtwpnyALS5LoX-OAnabJyvPo4c1DBJRQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2896 bytes --]

On Thu, Mar 08, 2018 at 03:07:43PM -0500, Russell O'Connor wrote:
> On Thu, Mar 8, 2018 at 1:34 PM, Peter Todd <pete@petertodd.org> wrote:
> > But that's not a good argument: whether or not normal users are trying to
> > attack each other has nothing to do with whether or not you're opening up
> > an
> > attack by relaxing anti-DoS protections.
> >
> 
> I'm not suggesting removing the anti-DoS protections.  I'm suggesting that
> replaced transaction require a fee increase of at least the min-fee-rate
> times the size of all the transactions being ejected (in addition to the
> other proposed requirements).

Fair: you're not removing them entirely, but you are weakening them compared to
the status quo.

> > Equally, how often are normal users who aren't attacking each other
> > creating
> > issues anyway? You can always have your wallet code just skip use of RBF
> >
> replacements in the event that someone does spend an unconfirmed output that
> > you sent them; how often does this actually happen in practice?
> 
> 
> Just ask rhavar.  It happens regularly.
> 
> Not many wallets let you spend unconfirmed outputs that you didn't create.
> >
> 
> The problem is with institutional wallets sweeping incoming payments.  It
> seems that in practice they are happy to sweep unconfirmed outputs.

Pity, that does sound like a problem. :(

> Setting all of the above aside for a moment.  We need to understand that
> rational miners are going to prefer to transactions with higher package fee
> rates regardless of whatever your personal preferred RBF policy is.  If we
> do not bring the RBF policy to alignment with what is economically
> rational, then miners are going to change their own policies anyways,
> probably all in slightly different ways.  It behooves everyone to develop a
> reasonable standard RBF policy, that is still robust against possible DoS
> vectors, and aligns with miner incentives, so that all participants know
> what behaviour they can reasonably expect.  It is simply a bonus that this
> change in RBF policy also partially mitigates the problem of pinned
> transactions.

Miners and full nodes have slightly different priorities here; it's not clear
to me why it matters that they implement slightly different policies.


Still, re-reading your initital post, I'm convinced that the weakening of the
DoS protections is probably not a huge problem, so maybe lets try this in a
release and see what happens.

Notably, if people actually use this new replacement behavior, the institutions
doing these sweeps of unconfirmed outputs might stop doing that! That's
probably a good thing, as respends of potentially conflicted unconfirmed
outputs can be dangerous in reorgs; we're better off if outputs are buried
deeply before being spent again.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 614 bytes --]

  reply	other threads:[~2018-03-09 18:28 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-02-12 15:52 [bitcoin-dev] Revisiting BIP 125 RBF policy Russell O'Connor
2018-02-12 17:30 ` rhavar
2018-02-12 22:58 ` Peter Todd
2018-02-12 23:19   ` Russell O'Connor
2018-02-12 23:42     ` Peter Todd
2018-02-12 23:46       ` Russell O'Connor
2018-02-14 14:08       ` Russell O'Connor
2018-02-14 14:16         ` Greg Sanders
2018-02-27 16:25       ` Russell O'Connor
2018-03-01 15:11         ` Peter Todd
2018-03-08 15:39           ` Russell O'Connor
2018-03-08 18:34             ` Peter Todd
2018-03-08 20:07               ` Russell O'Connor
2018-03-09 18:28                 ` Peter Todd [this message]
2018-03-09 18:40                   ` rhavar
2018-02-12 23:23   ` rhavar
2018-02-13 18:40     ` Peter Todd
2018-02-14  2:07       ` rhavar

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180309182803.GE2786@fedora-23-dvm \
    --to=pete@petertodd.org \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=roconnor@blockstream.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox