> Point is, the attacker with thousands of UTXOs can also DoS rounds by simply
> failing to complete the round. In fact, the double-spend DoS attack requires
> more resources, because for a double-spend to be successful, BTC has to be spent
> on fees.

I think I agree that effectively a DoS-by-abstention is lower cost than a DoS-by-RBF-optout, as in the second case the double-spent UTXO must still be acquired. However, I wonder if the second DoS case isn't more economically efficient for the attacker, as you can re-use the same UTXO (or the lineage of it) many times, since the coinjoin coordinator has a limited visibility (in the very best case) of the network mempools to blame confidently.

Acquiring thousands of UTXOs, whatever the origin, isn't free. Electricity burns if they have been mined, fiat if they have been acquired through an exchange, time and energy if they have been earned as income.

> It's just a fact of life that a motivated attacker can DoS attack Wasabi by
> spending money. That's a design choice that's serving them well so far.

I believe it's hard to make any open, p2p coinjoin service robust against a deep-pocketed attacker practicing that type of DoS attack. In theory, an attacker could maintain the DoS for long enough to ruin the reputation of the service until it's out of the market. It would be interesting to know if you can design a DoS mitigation (e.g. against DoS-by-abstention) offering the advantage to the targeted service after one round or a fixed number of rounds.

> The other users' only practical choice is to double-spend their own input
> to get their money back (at competitive rates much higher than the
> attacker), or wait and hope you win a propagation race somewhere.

Yes, that's one of the annoying concerns with DoS-by-RBF-optout compared to DoS-by-abstention: while the latter can be mitigated without assuming an on-chain cost for the participant, the former might be crafted such that on-chain fees must be spent to sanitize the situation, worse, in an asymmetric way bounded by the max size of the coinjoin, I think.

> A double-spend attack requires only one laptop and a few UTXOs. Even if spent in some cases, it would pay a few sats per transaction, which won't be an issue for governments or competitors that normally perform such attacks.

That's an interesting question. The interactive transaction construction protocol being formalized by the BOLT process implies (hopefully) that sooner or later multi-party coinjoin capabilities should be well supported across the ecosystem. From that, we might see a large-scale p2p market of coinjoins (in the same way we have an HTLC routing market with LN), where a participant can enter into them without the high cost of installing another wallet. I believe the question is how we mitigate all those classes of DoS, to avoid malicious coinjoin service providers outlawing competitors that stay open (reminder: the Minecraft and Mirai botnet story).

Antoine

On Fri, 8 Jul 2022 at 10:53, Peter Todd <pete@petertodd.org> wrote:
On Tue, Jul 05, 2022 at 08:46:51PM +0000, alicexbt wrote:
> Hi Peter,
>
> > Note that Wasabi already has a DoS attack vector in that a participant can stop
> > participating after the first phase of the round, with the result that the
> > coinjoin fails. Wasabi mitigates that by punishing participation in future
> > rounds. Double-spends only create additional types of DoS attack that need to
> > be detected and punished as well - they don't create a fundamentally new
> > vulnerability.
>
> I agree some DoS vectors are already mitigated; however, punishment in this case will be difficult because the transaction is broadcast after signing and before the coinjoin tx broadcast.
>
> Inputs are already checked multiple times for double spend during coinjoin round: https://github.com/zkSNACKs/WalletWasabi/pull/6460
>
> If all the inputs in the coinjoin transaction that failed to relay are checked and one or more are found to be spent later, what will be punished and how does this affect the attacker with thousands of UTXOs or normal users?

Point is, the attacker with thousands of UTXOs can also DoS rounds by simply
failing to complete the round. In fact, the double-spend DoS attack requires
more resources, because for a double-spend to be successful, BTC has to be spent
on fees.

It's just a fact of life that a motivated attacker can DoS attack Wasabi by
spending money. That's a design choice that's serving them well so far.

--
https://petertodd.org 'peter'[:-1]@petertodd.org