From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UaNco-0000A8-Gf for bitcoin-development@lists.sourceforge.net; Thu, 09 May 2013 09:58:58 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of googlemail.com designates 209.85.215.194 as permitted sender) client-ip=209.85.215.194; envelope-from=john.dillon892@googlemail.com; helo=mail-ea0-f194.google.com; Received: from mail-ea0-f194.google.com ([209.85.215.194]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UaNcn-0007YN-Fy for bitcoin-development@lists.sourceforge.net; Thu, 09 May 2013 09:58:58 +0000 Received: by mail-ea0-f194.google.com with SMTP id d10so381650eaj.9 for ; Thu, 09 May 2013 02:58:51 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.14.4.199 with SMTP id 47mr98687eej.29.1368093531131; Thu, 09 May 2013 02:58:51 -0700 (PDT) Received: by 10.223.101.82 with HTTP; Thu, 9 May 2013 02:58:50 -0700 (PDT) Date: Thu, 9 May 2013 09:58:50 +0000 Message-ID: From: John Dillon To: Bitcoin Dev Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -1.4 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (john.dillon892[at]googlemail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (john.dillon892[at]googlemail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UaNcn-0007YN-Fy Subject: [Bitcoin-development] An initial replace-by-fee implementation is now available X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 May 2013 09:58:58 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 After some consultation with affected sites by myself and Peter we have decided to release an initial replace-by-fee implementation and setup a server using those rules on testnet. This implementation does not include recursive fee evaluation, and is therefore vulnerable to DoS attack, so hopefully that will continue to allow adoption to proceed gradually. We can-not recommend mining on mainnet with it. It does not include an "undo" RPC command or an adjust fees, and Peter says he has not implemented one yet. Patches are welcome. Specifically there were requests from vulnerable parties, which interestingly included a site that knew they had bugs related to replacement but not financial vulnerabilities, to put up a server on testnet to check wallet code. The vulnerable requested to remain undisclosed. An additional consideration was the upcoming anti-dust rules which are yet another example of why zero-conf is so much more dangerous to accept than single-conf. Two of the people contacting us brought up that issue in fact. The code is on github: https://github.com/petertodd/bitcoin/tree/replace-by-fee and a replace-by-fee server operating on testnet is available at testnet-replace-by-fee.bitcoin.petertodd.org To test you will need to use the raw transaction API and manually create the replacement transaction. Do note that your wallet will retain the existing one and no mechanism yet exists to delete the old transaction from your wallet. Again, a certain amount of "cludgyness" to this is intentional to discourage premature non-testing use. Regarding the reward, I've decided Peter will collect the full amount even though the work is not %100 complete (the mempool aspect) due to his concern about staging an implementation properly, working with vulnerable sites, and overall genuine interest in the actual issues at hand rather than the reward. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBCAAGBQJRi3LeAAoJEEWCsU4mNhiPwscH/2CI0d3h/3jix3iyz2I9I8Sz 6nbP8eA01l9kzG37cH1rFAbt7C+fL/nardV4U1qmiwC0MN7NPpX6BFn5eQ2PUKbu 41+AnjgWicB2tnCC07ngboQ1JCeZ+RTfATepuMxEdWFBsc8ZQXs0apWS01FT+TDq J/a7QkhNfTaAQzXyqmLp0TQO7/Z7ysmCftOhtGbfvfhF2o23BuphQiRVA9IOoUuj Fgb5wrfQqJ8TjvXRXAUQ7SUlzfN9BlPxMkTc6NhbcgIpuq1Kb43mLoDl3s2irH4A GtjRtobV5Cfozm1r+8KPtIYEoQoj0PqTjO5YMwD/vTaRfNzdS4Tse5LQLGT6Jug= =M1mj -----END PGP SIGNATURE-----