public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Rusty Russell <rusty@rustcorp.com.au>
To: Peter Todd <pete@petertodd.org>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>,
	"Christian Decker" <decker.christian@gmail.com>
Cc: Matt Corallo <matt@chaincode.com>
Subject: Re: [bitcoin-dev] Making OP_TRUE standard?
Date: Thu, 31 May 2018 12:17:58 +0930	[thread overview]
Message-ID: <87h8mov8v5.fsf@rustcorp.com.au> (raw)
In-Reply-To: <87muwhvozr.fsf@rustcorp.com.au>

Rusty Russell <rusty@rustcorp.com.au> writes:
> AFAICT the optimal DoS is where:
>
> 1.  Attacker sends a 100,000 vbyte tx @1sat/vbyte.
> 2.  Replaces it with a 108 vbyte tx @2sat/vbyte which spends one of
>     those inputs.
> 3.  Replaces that spent input in the 100k tx and does it again.
>
> It takes 3.5 seconds to propagate to 50% of network[1] (probably much worse
> given 100k txs), so they can only do this about 86 times per block.
>
> That means they send 86 * (100000 + 108) = 8609288 vbytes for a cost of
> 86 * 2 * 108 + 100000 / 2 = 68576 satoshi (assuming 50% chance 100k tx
> gets mined).

This 50% chance assumption is wrong; it's almost 0% for a low enough
fee.  Thus the cost is only 18576, making the cost for the transactions
463x lower than just sending 1sat/vbyte txs under optimal conditions.
That's a bit ouch.[1]

I think a better solution is to address the DoS potential directly:
if a replacement doesn't meet #3 or #4, but *does* increase the feerate
by at least minrelayfee, processing should be delayed by 30-60 seconds.

That means that eventually you will RBF a larger tx, but it'll take
much longer.  Should be easy to implement, too, since similar timers
will be needed for dandelion.

Cheers,
Rusty.
[1] Christian grabbed some more detailed propagation stats for me: larger
    txs do propagate slower, but only by a factor of 2.5 or so.


  reply	other threads:[~2018-06-01  1:20 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-08 23:57 [bitcoin-dev] Making OP_TRUE standard? Rusty Russell
2018-05-09  0:24 ` Olaoluwa Osuntokun
2018-05-09  3:02   ` ZmnSCPxj
2018-05-10  2:08   ` Rusty Russell
2018-05-09 17:56 ` Johnson Lau
2018-05-09 19:27   ` Peter Todd
2018-05-09 20:19     ` Johnson Lau
2018-05-09 20:59       ` Peter Todd
2018-05-09 22:06   ` Olaoluwa Osuntokun
2018-05-10  2:06   ` Rusty Russell
2018-05-10  2:27 ` Luke Dashjr
2018-05-10  3:07   ` ZmnSCPxj
2018-05-15  1:22   ` ZmnSCPxj
2018-05-17  2:44   ` Rusty Russell
2018-05-17 10:28     ` ZmnSCPxj
2018-05-17 17:35       ` Christian Decker
2018-05-17 20:06     ` Jim Posen
2018-05-21  3:44       ` Rusty Russell
2018-05-21  3:56         ` Peter Todd
2018-05-30  2:47           ` Rusty Russell
2018-05-31  2:47             ` Rusty Russell [this message]
2018-05-21 14:20         ` Russell O'Connor
2018-05-10  9:33 ` Jorge Timón
2018-05-10  9:33   ` Jorge Timón
2018-05-10  9:43   ` Luke Dashjr
2018-05-11  2:44     ` ZmnSCPxj

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87h8mov8v5.fsf@rustcorp.com.au \
    --to=rusty@rustcorp.com.au \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=decker.christian@gmail.com \
    --cc=matt@chaincode.com \
    --cc=pete@petertodd.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox