public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: justusranvier@riseup.net
To: Eric Lombrozo <elombrozo@gmail.com>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] F2Pool has enabled full replace-by-fee
Date: Fri, 19 Jun 2015 15:53:01 +0000	[thread overview]
Message-ID: <812d8353e66637ec182da31bc0a9aac1@riseup.net> (raw)
In-Reply-To: <04CE3756-B032-464C-8FBD-7ACDD1A3197D@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2015-06-19 15:37, Eric Lombrozo wrote:
> OK, a few things here:
> 
> The Bitcoin network was designed (or should be designed) with the
> requirement that it can withstand deliberate double-spend attacks that
> can come from anywhere at any time…and relaxing this assumption
> without adequately assessing the risk (i.e. I’ve never been hacked
> before so I can assume it’s safe) is extremely dangerous at best and
> just horrid security practice at worst. Your users might not thank you
> for not getting hacked - but they surely will not like it when you DO
> get hacked…and lack a proper recovery plan.
> 
> Furthermore, the protocol itself makes no assumptions regarding the
> intentions behind someone signing two conflicting transactions. There
> are many potential use cases where doing so could make a lot of sense.
> Had the protocol been designed along the lines of, say,
> tendermint…where signing multiple conflicting blocks results in loss
> of one’s funds…then the protocol itself disincentivizes the behavior
> without requiring any sort of altruistic, moralistic assumptions. That
> would also mean we’d need a different mechanism for the use cases that
> things like RBF address.
> 
> Thirdly, taken to the extreme, the viewpoint of “signing a conflicting
> transaction is fraud and vandalism” means that if for whatever reason
> you attempt to propagate a transaction and nobody mines it for a very
> long time, you’re not entitled to immediately reclaim those funds…they
> must remain in limbo forever.

I'm not talking about changing the protocol - I'm talking about the 
business relationships between users of Bitcoin.

I would expect a payment processor to inform the merchants of relevant 
double spends that it observes on the network, even if the payment is 
actually successful, so that the merchant can decide for themselves 
whether or not to pursue it out of band.

Mining is a kind of technical fallback that allows the network to 
resolve human misbehavior without human intervention. If nobody ever 
attempted to make a fraudulent payment, we wouldn't need mining at all 
because the signed transaction itself is proof of intention to pay. That 
it exists doesn't suddenly make fraud less fraudulent and mean that 
users who are in a position to pursue out of band recourse shouldn't do 
so.

I agree that there are valid reasons for replacing transactions in the 
mempool, I just think they should be implemented in a way that doesn't 
facilitate fraud.

I'd also like to note that "prima facie" doesn't mean "always", it means 
that "the default assumption, unless proven otherwise."

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJVhDqcAAoJECpf2nDq2eYjX/UP/RlVIGqzwvdKftFW8kRW1+Dk
3befE2vEIEWFAShNt0pk7/Isqk7prRWQDKP+VNZSJfaoyE3akOe7s3OPWuevVRqM
Y1N658hYnG6NPebkyp5zUQkjT3mXVxOo9Fw9k7JyHgkWaDcwx330z2n6yztleodq
7hlKdW6sZrgqHw+DoF0Zal3QPN0WYm0XAno3uy71RXOs5cAoUxViuVzWHY0oReTQ
uggTggT1A5acmyOM7v65h9Cb2AKcLvHKfSEIwVQbHxYMOT+3GIJOXPKAluh8MjB3
oWg8ERy5dEEHu5kF/MLPQMg5yVQACuQmO2dlmtRoOs3mUQQj+q7dEil/dZMIp0f+
unDKIwLhXMa0sZ+63123UOgaKGZkF7afed3ueniJWQM80VS0WoZvZYhQadT/sCED
Ntfxifi1ZqCiKFeshyN9z7jDC8QEJ3N176Kr/wX76h/vvnPYicMEcfRgSE8EGd10
+oRQQpYzb69WPSFRhhrR3yG9Dev1JfzNPEaIKKYerDk9Vo3OnQ3VaaqBNZwBDo46
4r3O5orFES/ZxMdzWE1cWp99n4T4L6KxdZXmfQSYHehUJBnt62vKuEk9X/Li2ZWo
i3dr3yxx8xhKGGjsSjG03arz70bkXE7SvrICPOs9OEAdGlJI2liLrSWzYU9BbTle
eWvElyVQJsJHgAU8ygvn
=77NP
-----END PGP SIGNATURE-----




  reply	other threads:[~2015-06-19 15:53 UTC|newest]

Thread overview: 79+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-06-19 10:39 [Bitcoin-development] F2Pool has enabled full replace-by-fee Peter Todd
2015-06-19 13:33 ` Gavin Andresen
2015-06-19 13:52   ` Peter Todd
2015-06-19 14:00     ` Adrian Macneil
2015-06-19 14:08       ` Peter Todd
2015-06-19 14:30         ` Adrian Macneil
2015-06-19 14:59           ` Peter Todd
2015-06-19 15:20             ` Adrian Macneil
2015-06-19 15:40               ` Peter Todd
2015-06-19 16:18                 ` Adrian Macneil
2015-06-19 16:37                   ` Peter Todd
2015-06-19 20:39                   ` Matt Whitlock
2015-06-19 21:05                     ` Frank Flores
2015-06-19 21:15                       ` Jeff Garzik
2015-06-20  0:47                     ` Andreas Petersson
2015-06-20  1:09                       ` Mark Friedenbach
2015-06-20  1:23                         ` Aaron Voisine
2015-06-20  3:07                           ` Eric Lombrozo
2015-06-20  3:48                           ` Luke Dashjr
2015-06-20  4:02                             ` Eric Lombrozo
2015-06-20 16:43                               ` Ivan Brightly
2015-06-20 17:38                                 ` Cameron Hejazi
2015-06-19 14:40       ` Chun Wang
2015-06-19 15:22         ` Adrian Macneil
2015-06-19 13:33 ` Stephen Morse
2015-06-19 13:37   ` Chun Wang
2015-06-19 13:48     ` Peter Todd
2015-06-19 14:16     ` Lawrence Nahum
2015-06-19 13:40   ` Adrian Macneil
2015-06-19 13:44   ` Peter Todd
2015-06-19 13:52     ` Chun Wang
2015-06-19 15:43       ` Jeff Garzik
2015-06-19 19:49       ` Jeffrey Paul
2015-06-19 15:42     ` Jeff Garzik
2015-06-19 16:15     ` Peter Todd
2015-06-19 15:00 ` justusranvier
2015-06-19 15:11   ` Peter Todd
2015-06-19 15:37     ` Eric Lombrozo
2015-06-19 15:53       ` justusranvier [this message]
2015-06-19 16:36         ` Matt Whitlock
2015-06-19 16:42           ` Eric Lombrozo
2015-06-19 16:46             ` Matt Whitlock
2015-06-19 16:53             ` Peter Todd
2015-06-19 16:54             ` justusranvier
2015-06-19 17:00             ` Tier Nolan
2015-06-20 23:20             ` Jorge Timón
2015-06-20 23:37               ` justusranvier
2015-06-21  0:19                 ` Eric Lombrozo
2015-06-21  0:27                   ` justusranvier
2015-06-21  0:36                     ` Eric Lombrozo
2015-06-21  0:54                     ` Eric Lombrozo
2015-06-21  5:56                       ` Tom Harding
2015-06-21  6:45                       ` Jeff Garzik
2015-06-21  7:42                         ` Eric Lombrozo
2015-06-21  8:35                           ` Eric Lombrozo
2015-06-21  8:41                           ` Btc Drak
2015-06-21  8:51                             ` Eric Lombrozo
2015-06-21 19:49                           ` Jeff Garzik
2015-06-21 18:23                       ` Aaron Voisine
2015-06-19 16:44           ` justusranvier
2015-06-19 17:40             ` Jeff Garzik
2015-06-19 17:48               ` justusranvier
2015-06-19 17:50                 ` Jeff Garzik
2015-06-19 18:00                   ` justusranvier
2015-06-19 16:50           ` Milly Bitcoin
2015-06-19 16:41         ` [Bitcoin-development] Remove Us Please Gigas Gaming Inc.
2015-06-19 18:34           ` Jameson Lopp
2015-06-19 19:55             ` John Bodeen
2015-06-19 20:01               ` Brian Hoffman
2015-06-19 20:27                 ` Jameson Lopp
2015-06-20 23:16       ` [Bitcoin-development] F2Pool has enabled full replace-by-fee Jorge Timón
2015-06-20 23:47         ` Eric Lombrozo
2015-06-20 23:52           ` Eric Lombrozo
2015-06-20 23:56           ` Eric Lombrozo
2015-06-19 15:39     ` justusranvier
2015-06-19 15:39 ` Jeff Garzik
2015-06-20 20:04 ` odinn
2015-06-21  2:11 ` Dario Sneidermanis
2015-06-21  2:23   ` Dario Sneidermanis

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=812d8353e66637ec182da31bc0a9aac1@riseup.net \
    --to=justusranvier@riseup.net \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=elombrozo@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox