Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) by lists.linuxfoundation.org (Postfix) with ESMTP id CD881C0037 for ; Sun, 17 Dec 2023 17:56:27 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 8BFCA413A3 for ; Sun, 17 Dec 2023 17:56:27 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 8BFCA413A3 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm2 header.b=JfIo6+qT X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7BsFPB854k8L for ; Sun, 17 Dec 2023 17:56:25 +0000 (UTC) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by smtp4.osuosl.org (Postfix) with ESMTPS id 927E0410BB for ; Sun, 17 Dec 2023 17:56:25 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 927E0410BB Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 8B3A75C00CF; Sun, 17 Dec 2023 12:56:19 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Sun, 17 Dec 2023 12:56:19 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1702835779; x=1702922179; bh=O8OaVPusPGnldu/LglyXXiPEdg/j EBb0sgx3Hg1JFdc=; b=JfIo6+qT1eeRzsog6l62WUMBJwCBa/qgh9vJRK2F2ojI 7B1jt1Yfe+Cq3n5j27m4jD4s+4ByFRyOCPbfH/8hrns+6mHdlSZIMrX2amF2DIG/ 93BNsvoAqdjLmc42IH7dQf25k3n+/6q80rp3yDiaQyzEZb4Y+qXJQt7SEoOJ59Bl z3ANClzlvwNkwgblZ9lhtO96ULOMB4ZYaY6D6tTvaKF5ZpaeLWyVZer8Mfm1N4nQ hlfdk+vHIZtuXinO3BrxNlrv++3oaIhYLVvvHdDlUgHRt8CmQfvd8vGKRIJQ6T0Z AFCVWfVIfk1rVWsUh5QE5amUs1DQojj2oJKLVSWgRA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvddtiedguddtiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjsehgtd erredttddvnecuhfhrohhmpefrvghtvghrucfvohguugcuoehpvghtvgesphgvthgvrhht ohguugdrohhrgheqnecuggftrfgrthhtvghrnhepiedvvdelieekjeeukefgtdelfeeghe ehleffueehteeghfelveejfeelgeevffefnecuffhomhgrihhnpehpvghtvghrthhouggu rdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epphgvthgvsehpvghtvghrthhouggurdhorhhg X-ME-Proxy: Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 17 Dec 2023 12:56:18 -0500 (EST) Received: by localhost (Postfix, from userid 1000) id 1B59C5F81D; Sun, 17 Dec 2023 17:56:16 +0000 (UTC) Date: Sun, 17 Dec 2023 17:56:16 +0000 From: Peter Todd To: ArmchairCryptologist , Bitcoin Protocol Discussion Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="mYjkTX6EQJW8IVXP" Content-Disposition: inline In-Reply-To: Subject: Re: [bitcoin-dev] Addressing the possibility of profitable fee manipulation attacks X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Dec 2023 17:56:27 -0000 --mYjkTX6EQJW8IVXP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Dec 17, 2023 at 11:11:10AM +0000, ArmchairCryptologist via bitcoin-= dev wrote: > ** A possible solution, with some caveats ** >=20 > My proposed solution to this would be to add partial transaction fee burn= ing. If 50% or more of transaction fees were burned, this should effectivel= y curtail any incentive miners have for padding blocks with junk transactio= ns in general, as it would both significantly reduce the amount of spent fe= es they would be able to recoup, and also reduce the amount of benefit they= gain from the transaction fees being high. The burn rate would however nec= essarily have to be less than 100%, otherwise miners would not be incentivi= zed to include any transactions at all, and might as well be mining empty b= locks. Fee-burning solutions are easily bypassed with out-of-band fee payments. If fee-burning was possible, I would have proposed it already as a way to ensure there is always an incentive for miners to mine blocks. Unfortunatel= y, it does not work. > Changing fee estimation algorithms across the board to not take historica= l fee data into account, eliminating the long-term decaying fee effects obs= erved after short-term flooding of high-fee transactions, would of course s= ignificantly help prevent such attacks from being profitable in the first p= lace without requiring any sort of fork. As such, I believe this should als= o be done as a short-term makeshift solution. A less exploitable estimate c= ould be made by limiting the algorithms to only use the current mempool sta= te and influx rate, as well as possibly the estimated current blockrate and= the arrival times of recent blocks. Additionally, wallets could pre-sign a= number of replacement transactions spending the same UTXO(s) with graduall= y increasing fees up to a maximum specified by the user, and automatically = broadcast them in order as the state of the mempool changed. And I'm sure t= here are additional strategies that could be used here as well to make the = ecosystem more fee-optimal in general. Yes, RBF needs to be used a lot more. CPFP is inefficient and wasteful, and estimates are quite often wrong. > Unfortunately, as long as some parties still use historic fee data for th= eir fee estimation, the attack could still be effective up to a point. Paym= ent providers like BitPay for example currently specify that you need to us= e a historically high fee for the initial transaction for it to be accepted= , and does not recognize replacement transactions that bump the fee. BitPay is just a garbage payment processor. Possibly intentionally so, with= the aim of getting big block policies introduced. BTW note how if mining pools are intentionally flooding the network to incr= ease fees, mining pools such as Ocean that filter out fee-paying transactions th= at are part of the (possible) attack actually contribute to this problem by reducing the cost of the attack. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --mYjkTX6EQJW8IVXP Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmV/Nj4ACgkQLly11TVR LzeaVRAAs/H6oN5nLJ6QZ5D8k83Cyqnr1vfTpWcDNzfRjTUpcg73PAqFGR66pffK Nz25scMCaaplbQh9t75br/RuEZrW+I3xhW2YSDDy7ev5SbKP5Sr1dc6E83vnYo+Y O6bt5xezKItheSBOehNqBu8rkRbqt7Nq2PqQYv/K6uUlQDJQ2445WEr87+RmNs4Y bqRtX6NTxilA42ZTs727OgwLZcH2ftEk03RIdHxIf1sjDSXyC95a7d7WNCQkDl37 NxmOjrN8djgNYkb3DEoR62pehaCjHm+Ivi0I9CZt/SgFJshCBwsZ7ubFL5YcIfVx uepp7rGRH7a8L9HOjRX+KIJPpJye/S0Y4dt+l05taXPZJZsai+JV84k+0vn7aoT7 UDzx4ew79kmrGxuwU21ZwH19cSESKTnaB44EQJdn9IZnxrMZ/kgmvrvBIjH+YRsS rzMm78+LF5XFETMfiq7Py9lPre+umWlJSQt0J9l2KHdjo5vxVr9R0//+OyMU2WVP haNDV4V1GrKw8cJHEulrkC60EQmYsXCKXDKPFDEg8cgtvyDZME8nZAwoXOK8Q1GC IBrSbfABZPRgWMC848Dje6WUUCBSQmSPgWznvLq9ocaDKylq6txXV54e+CW0MZtY +cRqgV9KGFxmelcyngUklRsO2D2OxY8OrXLEviAq+k044gSV2DE= =UteR -----END PGP SIGNATURE----- --mYjkTX6EQJW8IVXP--