From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1USkGd-00043v-PB for bitcoin-development@lists.sourceforge.net; Thu, 18 Apr 2013 08:32:31 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.214.170 as permitted sender) client-ip=209.85.214.170; envelope-from=mh.in.england@gmail.com; helo=mail-ob0-f170.google.com; Received: from mail-ob0-f170.google.com ([209.85.214.170]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1USkGc-00081Z-4W for bitcoin-development@lists.sourceforge.net; Thu, 18 Apr 2013 08:32:31 +0000 Received: by mail-ob0-f170.google.com with SMTP id eh20so1140401obb.1 for ; Thu, 18 Apr 2013 01:32:24 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.60.28.37 with SMTP id y5mr5028978oeg.134.1366273944753; Thu, 18 Apr 2013 01:32:24 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.167.169 with HTTP; Thu, 18 Apr 2013 01:32:24 -0700 (PDT) In-Reply-To: References: <453bfc69-b2ab-4992-9807-55270fbda0db@email.android.com> Date: Thu, 18 Apr 2013 10:32:24 +0200 X-Google-Sender-Auth: T7u6Y_WpcHtiFqtXSaqGJKKr7Ac Message-ID: From: Mike Hearn To: John Dillon Content-Type: multipart/alternative; boundary=e89a8fb1f7f024a54204da9e71a2 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1USkGc-00081Z-4W Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Anti DoS for tx replacement X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Apr 2013 08:32:31 -0000 --e89a8fb1f7f024a54204da9e71a2 Content-Type: text/plain; charset=UTF-8 When did I say DoS was unimportant? I just wrote a giant email explaining how it can be resolved. I think it's worth pointing out that Bitcoin was launched with no DoS protection at all, and it's still here. There are still obvious DoS bugs being fixed with every release. So yes, it's important to robustify the code, but not to the extent of not having any features. If Satoshi had taken that perspective Bitcoin might not exist at all. We can have our cake and eat it. RE: shutting down services dependent on replacement. No, good users of replacement would still end up taking priority over the constantly churning DoS replacements. The most you can shut down is one contract. Obviously, if there's no form of tx replacement at all then the "tried and doesn't work" state is the same as "never tried", which doesn't seem like a win. The testnet is trivially DoSable today by anyone who cares to do so, there are hardly any nodes and most people get coins from the faucet. Look at how quickly people got upset when somebody drained it. As Jeff has pointed out, there could theoretically be a "nextnet" but the overhead of setting one up doesn't seem worth it. If somebody wanted to troll developers they could easily DoS testnet and nextnet simultaneously with bandwidth to spare. > That #3 has not been noticed before shows that for all this hot air > no-one has ever bothered making an implementation of the idea. > Yes, I noticed it a few days ago when making some notes, but figured I would indeed make an prototype implementation and then just put all the details and latest protocols on the wiki at once. As nobody indeed noticed the bug for years apparently nobody else is working on this so it didn't seem urgent to update. Your proposed alternative doesn't seem any different DoS wise. Someone can still broadcast a long series of incrementally different transactions and have miners replace them. So you still need prioritisation of work. It's useful anyway for other reasons. And as you point out yourself, it's still susceptible to the problem that you end up running out of money because it's all been spent on fees. BTW $500 is rather low for the amount of work required. If you added a zero onto that there might be more takers. --e89a8fb1f7f024a54204da9e71a2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
When did I say DoS was unimportant? I just wrote a giant email expla= ining how it can be resolved.

I think = it's worth pointing out that Bitcoin was launched with no DoS protectio= n at all, and it's still here. There are still obvious DoS bugs being f= ixed with every release. So yes, it's important to robustify the code, = but not to the extent of not having any features. If Satoshi had taken that= perspective Bitcoin might not exist at all. We can have our cake and eat i= t.

RE: shutting down services dependent on rep= lacement. No, good users of replacement would still end up taking priority = over the constantly churning DoS replacements. The most you can shut down i= s one contract. Obviously, if there's no form of tx replacement at all = then the "tried and doesn't work" state is the same as "= never tried", which doesn't seem like a win.

The testnet is trivially DoSable today by a= nyone who cares to do so, there are hardly any nodes and most people get co= ins from the faucet. Look at how quickly people got upset when somebody dra= ined it. As Jeff has pointed out, there could theoretically be a "next= net" but the overhead of setting one up doesn't seem worth it. If = somebody wanted to troll developers they could easily DoS testnet and nextn= et simultaneously with bandwidth to spare.
=C2=A0
That #3 has not been noticed before shows that for all this hot air
no-one has ever bothered making an implementation of the idea.

Yes, I noticed it a few days ago when making= some notes, but figured I would indeed make an prototype implementation an= d then just put all the details and latest protocols on the wiki at once. A= s nobody indeed noticed the bug for years apparently nobody else is working= on this so it didn't seem urgent to update.

Your proposed alternative doesn't seem = any different DoS wise. Someone can still broadcast a long series of increm= entally different transactions and have miners replace them. So you still n= eed prioritisation of work. It's useful anyway for other reasons. And a= s you point out yourself, it's still susceptible to the problem that yo= u end up running out of money because it's all been spent on fees.=C2= =A0

BTW $500 is rather low for the amount of wo= rk required. If you added a zero onto that there might be more takers.
--e89a8fb1f7f024a54204da9e71a2--