Hi Peter,
> I think you need to re-read the attack carefully before we discuss this
> further. The % of hash power mining full-rbf does not significantly change the
> cost efficiency of the attack as long as the fee-rate of the B transaction(s)
> is below the minimum economic fee-rate necessary for miners to mine a
> transaction. Above the minimum economic fee-rate, the cost efficiency is an
> essentially linear function of % of full-rbf miners.
This is not the % of hash power mining _full-rbf_ I was pointing to, just the indistinct
total % of hash power mining.
In my understanding, this is the scenario:
- Alice broadcasts small size, low-feerate transaction opt-in disabled A to 99% of the miners+network nodes mempools
- Alice broadcasts a double-spend of A, a high-feerate transaction A2 to Mark, a single miner
- Network nodes does not relay transaction A to Mark and vice-versa Mark does not relay transaction A2 to network nodes
- Alice broadcasts a child B of transaction A to 99% of the miners+network nodes mempools
- Mark, the single miner confirms in a block A2, rendering as a waste A+B network bandwidth
Correct if I'm wrong with this scenario and if it does not match the attack vector you're describing.
The child B can be extended with a full chain of useless children within max mempool limits.
The attack efficiency (i.e the total vB of bandwidth network waste) is dependent on the delay
by which transaction A2 is included in Mark's block template and subsequently mined. Back to
my observation, higher are Mark hashrate ressources, less there is latency to let transaction B
spontaneously propagate on the network, or for Alice to (re)-broadcast in cycle.
All that said, I think my open question to you at the beginning of my answer is still there,
i.e how much time has been left between the private report of this issue to the sec mailing
list and the public disclosure of your email.
Best,
Antoine
ots hash: 001081aba5b44bf98f8774090fcd62109061e1623965ab8ec71068274b46aaf8