Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XXMJ7-0004p9-WF for bitcoin-development@lists.sourceforge.net; Fri, 26 Sep 2014 03:34:58 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.217.173 as permitted sender) client-ip=209.85.217.173; envelope-from=christophe.biocca@gmail.com; helo=mail-lb0-f173.google.com; Received: from mail-lb0-f173.google.com ([209.85.217.173]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XXMJ6-0007DD-QO for bitcoin-development@lists.sourceforge.net; Fri, 26 Sep 2014 03:34:57 +0000 Received: by mail-lb0-f173.google.com with SMTP id 10so11970235lbg.18 for ; Thu, 25 Sep 2014 20:34:50 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.112.146.1 with SMTP id sy1mr16119764lbb.77.1411702490183; Thu, 25 Sep 2014 20:34:50 -0700 (PDT) Received: by 10.112.89.228 with HTTP; Thu, 25 Sep 2014 20:34:50 -0700 (PDT) In-Reply-To: References: <1447373.AzvO89eGJS@crushinator> <6165581.aoAyGZkGge@crushinator> Date: Thu, 25 Sep 2014 23:34:50 -0400 Message-ID: From: Christophe Biocca To: Bitcoin Development Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (christophe.biocca[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XXMJ6-0007DD-QO Subject: Re: [Bitcoin-development] SPV clients and relaying double spends X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Sep 2014 03:34:58 -0000 A lot of this discussion has already occured. Some code was even merged into master, then reverted. See: https://github.com/bitcoin/bitcoin/issues/4550 https://github.com/bitcoin/bitcoin/pull/4570 It would probably be a good idea to start from that code, as it addresses many of the possible pitfalls you've been discussing. On Thu, Sep 25, 2014 at 10:37 PM, Aaron Voisine wrote: > Of course you wouldn't want nodes to propagate alerts without > independently verifying them, otherwise anyone could just issue alerts > for every new transaction. > > Aaron Voisine > breadwallet.com > > > On Thu, Sep 25, 2014 at 7:16 PM, Matt Whitlock wr= ote: >> Probably the first double-spend attempt (i.e., the second transaction to= spend the same output(s) as another tx already in the mempool) would still= need to be relayed. A simple "double-spend alert" wouldn't work because it= could be forged. But after there have been two attempts to spend the same = output, no further transactions spending that same output should be relayed= , in order to prevent flooding the network. >> >> >> On Thursday, 25 September 2014, at 7:12 pm, Aaron Voisine wrote: >>> Something like that would be a great help for SPV clients that can't >>> detect double spends on their own. (still limited of course to sybil >>> attack concerns) >>> >>> Aaron Voisine >>> breadwallet.com >>> >>> >>> On Thu, Sep 25, 2014 at 7:07 PM, Matt Whitlock = wrote: >>> > What's to stop an attacker from broadcasting millions of spends of th= e same output(s) and overwhelming nodes with slower connections? Might it b= e a better strategy not to relay the actual transactions (after the first) = but rather only propagate (once) some kind of double-spend alert? >>> > >>> > >>> > On Thursday, 25 September 2014, at 7:02 pm, Aaron Voisine wrote: >>> >> There was some discussion of having nodes relay double-spends in ord= er >>> >> to alert the network about double spend attempts. >>> >> >>> >> A lot more users will be using SPV wallets in the future, and one of >>> >> the techniques SPV clients use to judge how likely a transaction is = to >>> >> be confirmed is if it propagates across the network. I wonder if and >>> >> when double-spend relaying is introduced, if nodes should also send >>> >> BIP61 reject messages or something along those lines to indicate whi= ch >>> >> transactions those nodes believe to be invalid, but are relaying >>> >> anyway. >>> >> >>> >> This would be subject to sybil attacks, as is monitoring propagation= , >>> >> however it does still increase the cost of performing a 0 confirmati= on >>> >> double spend attack on an SPV client above just relaying double-spen= ds >>> >> without indicating if a node believes the transaction to be valid. >>> >> >>> >> Aaron Voisine >>> >> breadwallet.com >>> > > > -------------------------------------------------------------------------= ----- > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer > http://pubads.g.doubleclick.net/gampad/clk?id=3D154622311&iu=3D/4140/ostg= .clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development