public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Eloy <eloyesp@gmail.com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Opt-in full-RBF] Zero-conf apps in immediate	danger
Date: Thu, 20 Oct 2022 19:02:13 -0300	[thread overview]
Message-ID: <874FE3CC-5F27-40A2-9BD3-FD9937C1A40D@gmail.com> (raw)
In-Reply-To: <CAB3F3DtbxXiHW0GxtaVMMtAo5X7ZcsCPR7odVnwz50qw_3oCLg@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 8691 bytes --]

There is obviously an alternative approach to the issue.

If we like opt-in RBF and would like to keep opt out RBF 0CONF working, we could add another option to punish those nodes that replace transactions. That is, a miner that publishes a block with a NO RBF, that is replaced (that is easy to check for a full node) could stop propagation of that block (so it have less chances to win). That would make the network decide when it is the time to deploy RBF.

It seems obvious for me that most devs prefer full RBF to force users to use centralized stuff (that is why the full RBF option is there already on core), but just wanted to make that clear that there is always a way to enforce a policy (read to keep zero conf working).

Regards.

El 20 de octubre de 2022 18:07:07 ART, Greg Sanders via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> escribió:
>> If it were growing in line with lightning capacity in BTC, per
>bitcoinvisuals.com/ln-capacity; then 15% now would have grown from
>perhaps 4% in May 2021, so perhaps 8% per year. With linear growth,
>getting from 15% to 80% would then be about 8 years.
>
>I'd caution against any metrics-based approach like this, unless it's
>simply used for ballparking potential adoption curves to set a a timeframe
>people can live with.
>
>A large number of coins/users sit on custodial rails and this would
>essentially encumber protocol developers to those KYC/AML institutions. If
>Binance decides to never support Lightning in favor of BNC-wrapped BTC,
>should this be an issue at all for reasoning about a path forward?
>
>Hoping to be wrong,
>Greg
>
>
>
>On Thu, Oct 20, 2022 at 3:59 PM Anthony Towns via bitcoin-dev <
>bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> On Thu, Oct 20, 2022 at 02:37:53PM +0200, Sergej Kotliar via bitcoin-dev
>> wrote:
>> > > If someone's going to systematically exploit your store via this
>> > > mechanism, it seems like they'd just find a single wallet with a good
>> > > UX for opt-in RBF and lowballing fees, and go to town -- not something
>> > > where opt-in rbf vs fullrbf policies make any difference at all?
>> > Sort of. But yes once this starts being abused systemically we will have
>> to
>> > do something else w RBF payments, such as crediting the amount in BTC to
>> a
>> > custodial account. But this option isn't available to your normal payment
>> > processor type business.
>>
>> So, what I'm hearing is:
>>
>>  * lightning works great, but is still pretty small
>>  * zeroconf works great for txs that opt-out of RBF
>>  * opt-in RBF is a pain for two reasons:
>>     - people don't like that it's not treated as zeroconf
>>     - the risk of fiat/BTC exchange rate changes between
>>       now and when the tx actually confirms is worrying
>>       even if it hasn't caused real problems yet
>>
>> (Please correct me if that's too far wrong)
>>
>> Maybe it would be productive to explore this opt-in RBF part a bit
>> more? ie, see if "we" can come up with better answers to some question
>> along the lines of:
>>
>>  "how can we make on-chain payments for goods priced in fiat work well
>>   for payees that opt-in to RBF?"
>>
>> That seems like the sort of thing that's better solved by a collaboration
>> between wallet devs and merchant devs (and protocol devs?), rather than
>> just one or the other?
>>
>> Is that something that we could talk about here? Or maybe it's better
>> done via an optech workgroup or something?
>>
>> If "we'll credit your account in BTC, then work out the USD coversion
>> and deduct that for your purchase, then you can do whatever you like
>> with any remaining BTC from your on-chain payment" is the idea, maybe we
>> should just roll with that design, but make it more decentralised: have
>> the initial payment setup a lightning channel between the customer and
>> the merchant with the BTC (so it's not custodial), but do some magic to
>> allow USD amounts to be transferred over it (Taro? something oracle based
>> so that both parties are confident a fair exchange rate will be used?).
>>
>> Maybe that particular idea is naive, but having an actual problem to
>> solve seems more constructive than just saying "we want rbf" "but we
>> want zeroconf" all the time?
>>
>> (Ideally the lightning channels above would be dual funded so they could
>> be used for routing more generally; but then dual funded channels are
>> one of the things that get broken by lack of full rbf)
>>
>> > > I thought the "normal" avenue for fooling non-RBF zeroconf was to
>> create
>> > > two conflicting txs in advance, one paying the merchant, one paying
>> > > yourself, connect to many peers, relay the one paying the merchant to
>> > > the merchant, and the other to everyone else.
>> > > I'm just basing this off Peter Todd's stuff from years ago:
>> > >
>> https://np.reddit.com/r/Bitcoin/comments/40ejy8/peter_todd_with_my_doublespendpy_tool_with/cytlhh0/
>> > >
>> https://github.com/petertodd/replace-by-fee-tools/blob/master/doublespend.py
>> > Yeah, I know the list still rehashes a single incident from 10 years ago
>> to
>> > declare the entire practice as unsafe, and ignores real-world data that
>> of
>> > the last million transactions we had zero cases of this successfully
>> > abusing us.
>>
>> I mean, the avenue above isn't easy to exploit -- you have to identify
>> the merchant's node so that they get the bad tx, and you have to connect
>> to many peers so that your preferred tx propogates to miners first --
>> and probably more importantly, it's relatively easy to detect -- if the
>> merchant has a few passive nodes that the attacker doesn't know about
>> it, and uses those to watch for attempted doublespends while it tries
>> to ensure the real tx has propogated widely. So it doesn't surprise me
>> at all that it's not often attempted, and even less often successful.
>>
>> > > > Currently Lightning is somewhere around 15% of our total bitcoin
>> > > > payments.
>> > > So, based on last year's numbers, presumably that makes your bitcoin
>> > > payments break down as something like:
>> > >    5% txs are on-chain and seem shady and are excluded from zeroconf
>> > >   15% txs are lightning
>> > >   20% txs are on-chain but signal rbf and are excluded from zeroconf
>> > >   60% txs are on-chain and seem fine for zeroconf
>> > Numbers are right. Shady is too strong a word,
>>
>> Heh, fair enough.
>>
>> So the above suggests 25% of payments already get a sub-par experience,
>> compared to what you'd like them to have (which sucks, but if you're
>> trying to reinvent both money and payments, maybe isn't surprising). And
>> going full rbf would bump that from 25% to 85%, which would be pretty
>> terrible.
>>
>> > RBF is a strictly worse UX as proven by anyone
>> > accepting bitcoin payments at scale.
>>
>> So let's make it better? Building bitcoin businesses on the lie that
>> unconfirmed txs are safe and won't be replaced is going to bite us
>> eventually; focussing on trying to push that back indefinitely is just
>> going to make everyone less prepared when it eventually happens.
>>
>> > > > For me
>> > > > personally it would be an easier discussion to have when Lightning
>> is at
>> > > > 80%+ of all bitcoin transactions.
>> > > Can you extrapolate from the numbers you've seen to estimate when that
>> > > might be, given current trends?
>> > Not sure, it might be exponential growth, and the next 60% of Lightning
>> > growth happen faster than the first 15%. Hard to tell. But we're likely
>> > talking years here..
>>
>> Okay? Two years is very different from 50 years, and at the moment there's
>> not really any data, so people are just going to go with their gut...
>>
>> If it were growing in line with lightning capacity in BTC, per
>> bitcoinvisuals.com/ln-capacity; then 15% now would have grown from
>> perhaps 4% in May 2021, so perhaps 8% per year. With linear growth,
>> getting from 15% to 80% would then be about 8 years.
>>
>> Presumably that's a laughably terrible model, of course. But if we had
>> some actual numbers where we can watch the progress, it might be a lot
>> easier to be patient about waiting for lightning adoption to hit 80%
>> or whatever, and focus on productive things in the meantime?
>>
>> Cheers,
>> aj
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>>

-- 
Enviado desde mi dispositivo Android con K-9 Mail. Por favor, disculpa mi brevedad.

[-- Attachment #2: Type: text/html, Size: 10439 bytes --]

  reply	other threads:[~2022-10-20 22:02 UTC|newest]

Thread overview: 79+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CABZBVTC5kh7ca3KhVkFPdQjnsPhP4Kun1k3K6cPkarrjUiTJpA@mail.gmail.com>
2022-10-19 14:29 ` [bitcoin-dev] [Opt-in full-RBF] Zero-conf apps in immediate danger Sergej Kotliar
2022-10-19 14:45   ` Erik Aronesty
2022-10-19 15:43   ` Jeremy Rubin
2022-10-19 15:51     ` Greg Sanders
2022-10-19 16:04     ` Sergej Kotliar
2022-10-19 16:08       ` Greg Sanders
2022-10-20  1:37   ` Antoine Riard
2022-10-20 14:11     ` Sergej Kotliar
2022-10-21  1:04       ` Antoine Riard
2022-10-20  4:05   ` Peter Todd
2022-10-21 19:35     ` Peter Todd
2022-10-20  7:22   ` Anthony Towns
2022-10-20 12:37     ` Sergej Kotliar
2022-10-20 14:14       ` Ruben Somsen
2022-10-20 14:17         ` Sergej Kotliar
2022-10-20 19:58       ` Anthony Towns
2022-10-20 21:05         ` David A. Harding
2022-10-20 21:07         ` Greg Sanders
2022-10-20 22:02           ` Eloy [this message]
2022-10-21 12:02           ` Sergej Kotliar
2022-10-21 14:01             ` Greg Sanders
2022-10-21 14:19               ` Sergej Kotliar
2022-10-21 14:47                 ` Greg Sanders
2022-10-21 19:43             ` Peter Todd
2022-10-24  7:55               ` Sergej Kotliar
2022-10-20 22:13         ` Peter Todd
2022-10-21  9:34           ` Sergej Kotliar
2022-10-21 19:33             ` Peter Todd
2022-10-24  7:45               ` Sergej Kotliar
2022-10-21 11:56         ` Sergej Kotliar
2022-10-23 19:20   ` David A. Harding
2022-10-23 20:51     ` alicexbt
     [not found] <6342098B-A548-43C9-8F92-AAD9D0BB66AB@coinspaid.com>
2022-12-03 14:06 ` Daniel Lipshitz
2022-12-01 12:27 Daniel Lipshitz
2022-12-01 22:03 ` Erik Aronesty
2022-12-02  6:34   ` Daniel Lipshitz
2022-12-02  1:52 ` Antoine Riard
2022-12-02  6:59   ` Daniel Lipshitz
2022-12-02  4:30 ` Peter Todd
2022-12-02  7:06   ` Daniel Lipshitz
2022-12-03  8:50     ` Peter Todd
2022-12-03 11:01       ` Daniel Lipshitz
2022-12-03 11:51         ` Daniel Lipshitz
2022-12-03 12:12         ` Peter Todd
2022-12-03 13:17           ` Daniel Lipshitz
2022-12-03 14:03             ` Daniel Lipshitz
2022-12-05 12:21               ` angus
     [not found] <mailman.7.1665662404.16405.bitcoin-dev@lists.linuxfoundation.org>
2022-10-14 10:03 ` John Carvalho
2022-10-14 15:04   ` Peter Todd
2022-10-14 16:28     ` Erik Aronesty
2022-10-15  4:08       ` John Carvalho
2022-10-15  4:20     ` John Carvalho
  -- strict thread matches above, loose matches on Subject: below --
2022-10-07 16:20 Dario Sneidermanis
2022-10-07 17:21 ` David A. Harding
2022-10-07 17:28   ` Greg Sanders
2022-10-07 21:37   ` Dario Sneidermanis
2022-10-11 16:18     ` Pieter Wuille
2022-10-12  5:42     ` Anthony Towns
2022-10-12 16:11       ` Pieter Wuille
2022-10-12 21:44         ` Dario Sneidermanis
2022-10-13  4:35         ` Anthony Towns
2022-10-16  8:08           ` Anthony Towns
2022-10-17 14:25             ` Greg Sanders
2022-10-17 21:41             ` Antoine Riard
2022-10-18  7:00               ` Anthony Towns
2022-10-19  3:01                 ` Antoine Riard
2022-10-19  3:17                 ` alicexbt
2022-10-20 22:08                   ` Peter Todd
2022-11-02 15:04                     ` AdamISZ
2022-10-20 23:18                 ` Peter Todd
2022-11-09 13:19                 ` ArmchairCryptologist
2022-11-10  9:35                   ` ZmnSCPxj
2022-10-07 20:56 ` Luke Dashjr
2022-10-08 20:47 ` alicexbt
2022-10-13 16:07 ` linuxfoundation.cndm1
2022-10-14  2:44   ` alicexbt
2022-10-14 15:02     ` Peter Todd
2022-10-17 20:31 ` Antoine Riard
2022-10-17 22:14 ` Antoine Riard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=874FE3CC-5F27-40A2-9BD3-FD9937C1A40D@gmail.com \
    --to=eloyesp@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox