From: Andrew Chow <lists@achow101.com>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Denial of Service using Package Relay
Date: Thu, 06 Jul 2023 17:24:47 +0000 [thread overview]
Message-ID: <67c37967-ba7d-eabe-01e7-c5a0f9ca7da8@achow101.com> (raw)
In-Reply-To: <Ga2AELVMhRn2JlAC1-85LivVhcBhXzsf5ypHXMt_lg9RpwKTxeRxIRr8g8UHUihvxIVNKua6FIGRCjkt4CuNcDtZy2MetpOucpZYoKPW5sw=@protonmail.com>
On 07/06/2023 12:22 PM, alicexbt via bitcoin-dev wrote:
> 1) Register input in A
> 2) Double spend same input with zero fee to your own address
> 3) Register unconfirmed UTXO from 2 in B
Why would unconfirmed inputs be accepted in a coinjoin? That seems
unsafe, regardless of package relay. The sender of the unconfirmed
transaction can already replace it thereby pinning or otherwise
invalidating the coinjoin, it doesn't need package relay.
Furthermore, the coordinator B shouldn't accept the unconfirmed UTXO
from 2 because it doesn't even know about that unconfirmed transaction.
It has zero fee, so it's not going to be relayed.
Conceivably a similar attack can already be done by simply registering
the same UTXO with multiple coordinators anyways. This doesn't require
package relay either.
***
Package relay should help coinjoins since any one of the participants
can rebroadcast the coinjoin with a further CPFP if the coinjoin is
below the minimum relay fee. Some of the upcoming package RBF proposals
should also help by allowing other child transactions in the package to
RBF the entire thing, thereby resolving the need to have everyone
re-sign the coinjoin in order to RBF.
Andrew
prev parent reply other threads:[~2023-07-06 17:25 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-06 16:22 [bitcoin-dev] Denial of Service using Package Relay alicexbt
2023-07-06 17:24 ` Andrew Chow [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=67c37967-ba7d-eabe-01e7-c5a0f9ca7da8@achow101.com \
--to=lists@achow101.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox