Date: Tue, 30 Jul 2024 19:38:17 +0000
From: Peter Todd
To: "David A. Harding"
Cc: Antoine Riard, Bitcoin Development Mailing List
Subject: Re: [bitcoindev] A "Free" Relay Attack Taking Advantage of The Lack of Full-RBF In Core

On Mon, Jul 29, 2024 at 06:57:17PM -1000, David A. Harding wrote:
> Given the first point and the last point, I'm not sure how viable the
> attack is (but, as I said, I'm not sure I understand it). Estimating or
> manipulating feerates correctly for over 144 blocks in a row sounds
> difficult. Counterparties being able to deprive Mallory of profit seems
> like a major weakness.

It is not. I've actually *accidentally* exploited this type of pinning vector a
few times in Lightning channels by simply force closing them at times when
fee-rates were high.
I've even twice managed to delay the force close of a channel by testing out
justice transactions by broadcasting a low fee-rate, revoked commitment, which
the counterparty node did not notice. Instead, the channel just stayed in limbo
for a few days until the node finally got in a normal force-close using the
non-revoked state after fees reduced.

In both cases, both endpoints were LND using compact block filters (I was
running both nodes in these tests). IIUC the LND compact block filter
implementation does not track mempool transactions, so it only notices revoked
commitment transactions when they appear in blocks (notice how this means that
the lack of package relay will render LND's fee-bumping code potentially
useless if the conflicting commitment transaction is equal or greater
fee/fee-rate).

I haven't tried fully exploiting this particular scenario by maximizing the
number of HTLCs in flight; I was just trying out stuff manually. Someone
should.

It should be relatively easy to automate this class type of attack by simply
picking opportunities for it based on fee rates. It's quite common for fee
spikes to cause conditions where you can easily predict that fees won't go
below certain levels for many blocks in the future, multiple days even. Your
claim that "estimating feerates correctly for over 144 blocks in a row sounds
difficult" is very wrong.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org