Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WI9pt-0006s7-Hg for bitcoin-development@lists.sourceforge.net; Tue, 25 Feb 2014 04:41:41 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.149.43 as permitted sender) client-ip=62.13.149.43; envelope-from=pete@petertodd.org; helo=outmail149043.authsmtp.co.uk; Received: from outmail149043.authsmtp.co.uk ([62.13.149.43]) by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1WI9ps-0005W2-DL for bitcoin-development@lists.sourceforge.net; Tue, 25 Feb 2014 04:41:41 +0000 Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237]) by punt17.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s1P4fY8h044499 for ; Tue, 25 Feb 2014 04:41:34 GMT Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s1P4fOc0059500 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Tue, 25 Feb 2014 04:41:26 GMT Date: Mon, 24 Feb 2014 23:41:16 -0500 From: Peter Todd To: Bitcoin Dev Message-ID: <20140225044116.GA28050@savin> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="/04w6evG8XlLl3ft" Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: 1685daa0-9dd7-11e3-94fa-002590a135d3 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXQB1 Jh0bXVBSFQF4ARgL Ah8UUB48cANYeX5u ZEFqQHFbVVt/fUFi QwAXFA0CMxgzaGAa WUVYd01RcAZCMB5D YlUrBSINfGxTMn19 RlY+ZHVgYTtWbXwN GFxcdVtLGhsHRSgS Sh1KES8oBSUA X-Authentic-SMTP: 61633532353630.1024:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 76.10.178.109/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1WI9ps-0005W2-DL Subject: [Bitcoin-development] Fee drop X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Feb 2014 04:41:41 -0000 --/04w6evG8XlLl3ft Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable So, just to be clear, we're adding, say, a memory limited mempool or something prior to release so this fee drop doesn't open up an obvious low-risk DDoS exploit.... right? As we all know, the network bandwidth DoS attack mitigation strategy relies on transactions we accept to mempools getting mined, and the clearance rate of the new low-fee transactions is going to be pretty small; we've already had problems in the past with mempool growth in periods of high demand. Equally it should be obvious to people how you can create large groups of low-fee transactions, and then cheaply double-spend them with higher fee transactions to suck up network bandwidth - just like I raised for the equally foolish double-spend propagation pull-req. Of course, there's also the problem that we're basically lying to people about whether or not Bitcoin is a good medium for microtransactions. It's not. Saying otherwise by releasing software that has known and obvious DoS attack vulnerabilities that didn't exist in the previous version is irresponsible on multiple levels. --=20 'peter'[:-1]@petertodd.org 0000000000000000b28e2818c4d8019fb71e33ec2d223f5e09394a89caccf4e2 --/04w6evG8XlLl3ft Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQGrBAEBCACVBQJTDB7rXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDA3NzlkMjg3NzU0MmIxYjU4OWU0Nzc0YmRiNGYxOGVhYmJi YzU4NTY2YWYxYWI5NjUvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkftEDwf/Sv3lmsUdoXCi2+OTEYlhscNL e9OAZC0vbNyMydON1UgDjSvSP22L9ekGuFS6a+rIswea/vbTOmBHURRVLWThO5G4 t+bKFQs4N7LOT7z2mPM72EfO/PHQ2KJ8LH98Euo+5xRIgEdal4S7p6bJg3gw/fHi glBzBOnCEbFpYR32uqwuesQWwIFQGjwwCJLH3uCHk61dpUlKa60xgOWSP+lTbQ+l kornBEcHjNdF7LjchoE2/EwS16fArADPHMI0Vyah+5vsrRQ0PEIL7G06UTPGS94H ae4Ywr6cyCsARiDHY3XLzrQ/yAyvT7HAVNJe+YLQshZp+yo4fHHuFvww052qyw== =X+3t -----END PGP SIGNATURE----- --/04w6evG8XlLl3ft--