Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id F06D73645 for ; Wed, 30 Jan 2019 02:06:58 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5BE0085A for ; Wed, 30 Jan 2019 02:06:58 +0000 (UTC) Received: by mail-wr1-f49.google.com with SMTP id t6so24267727wrr.12 for ; Tue, 29 Jan 2019 18:06:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=h5PqYcP3iB7aRCazTXTWhHRRJgracT35aNRjUQnV0FA=; b=dVTXBBCTi2xj6eo0x0Z9dHVGvH6yVBLXoYevrR306WJdiZKSSdx6GoPFqUW26NxbJs PNRg5uwq2xYf2kqzOxe52ioyQWVNGbHSlQWx6Ysg/t2KtDe2AH3rOfRKjZJMkb7hZaWq Za5jKgGsbHA856oBR+2MWTIp79Z5FQVVR3ro7w59yV39Ikm8xBmrXwXZSmH8IiY6zUbi iAPFvYIwh6O8Ed0MHz/5DVJh7mb8xrWPBfENfChxaKWTLHQpaFgOfHwGbac97OsCwkWM BMD+WKm5ccNTu7Em1xhkYwC0kMzBH2pbQJGO/AJXtxXp96oSDRZzSotsFN5V84G0Cl4R 1wQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=h5PqYcP3iB7aRCazTXTWhHRRJgracT35aNRjUQnV0FA=; b=uhrNV4lFTC2S7b2z8XjZ2aLiBfJQz1zpiREy6q3oWWt9DDbd5OK2Efyl9is0IPWqQL iurv0kABHYow3c0vZn7kcNFc/TZDz8XoUkuu0If+rhDFZeRzM16YfNHSVEaKUVHL4IJb gbok55wTyGOvE0ddRdVdAz/9xHs3YAgggZUKGlzwarpRrkYe/Azn2qDUziYwMI1anvIo VcmELfdXvc89K1ZxPGIdvimIxNtAZ4g1G9hSW4X55bt5BfHE8YGeOZumNUIGv5cjBcnv kKF44ZUmIOaVFaczLfEr/Io2CI6pbndx3VGIOKuvbsO+xpKJ76kjcL5+/vbXiPHt1iAE TSrA== X-Gm-Message-State: AJcUukffFaffz3wVTMVlAzxyrr036wf41h/gX9OcOnRYTsbit9WMdTeT oGjeWk9+bBVWuGoyR6Xv6PTQkkdjTh0kTnsEYI0= X-Google-Smtp-Source: ALg8bN4aQom9PlbPl3tK/AgfbTJAGgqgT8EMXsy0J/6dEKsFCMjmcyGYDAW9S49H54kaWc7WjKd7yky4JURh3DSb0w8= X-Received: by 2002:a5d:4a8e:: with SMTP id o14mr26918934wrq.159.1548814016672; Tue, 29 Jan 2019 18:06:56 -0800 (PST) MIME-Version: 1.0 References: <-yZhdFkKfKAEz1_4GKKSpTxjvR8EDSsH_5-TTh_4X5qwa79igXKR14rh6JASrald-F97o1htWY_kcBQ7IVr7ZH9zOQlOEwzhkWDjTq0d7F4=@protonmail.com> <2cd4fe6d-c0ca-5ae7-4107-38e1609743a8@gmail.com> In-Reply-To: From: James MacWhyte Date: Tue, 29 Jan 2019 18:06:30 -0800 Message-ID: To: rhavar@protonmail.com Content-Type: multipart/alternative; boundary="000000000000497b460580a35d77" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Wed, 30 Jan 2019 08:25:43 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] bustapay BIP :: a practical sender/receiver coinjoin protocol X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jan 2019 02:06:59 -0000 --000000000000497b460580a35d77 Content-Type: text/plain; charset="UTF-8" James On Sun, Jan 27, 2019 at 2:11 PM wrote: > > It isn't passed "back and forth so many times". > You are right, I got the wrong impression the first time I read it. > This is an important anti-DoS/anti-spy tactic, as it proves the sender > actually owns those inputs and if the protocol is not followed to > completion, the transaction can be dumped on the network. > I'm not convinced this is a valid concern, at least not valid enough to add extra complications to the process. The sender could still refuse to sign the final transaction after they see the recipient's in-/outputs; "show me yours and I'll show you mine" isn't much of a spy deterrent, and nothing here prevents a DOS attack. As an implementor, I would suggest keeping the protocol as simple as possible. By dropping the signing in the first step, the recipient doesn't need to maintain the ability to lookup and verify unspent outputs. It also would enforce the increased privacy, which the sender obviously wants if they are going down this path (in other words, either have the process complete or fail -- don't give the recipient the ability to broadcast the not-private transaction against the wishes of the sender). --000000000000497b460580a35d77 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

James


On Sun, Jan 27, 2019 at 2:11 PM <rhavar@protonmail.com> wrote:

It isn't passed "= back and forth so many times".

Y= ou are right, I got the wrong impression the first time I read it.
=C2=A0
This i= s an important anti-DoS/anti-spy tactic, as it proves the sender actually o= wns those inputs and if the protocol is not followed to completion, the tra= nsaction can be dumped on the network.

I'm not convinced this is a valid concern, at least not valid eno= ugh to add extra complications to the process. The sender could still refus= e to sign the final transaction after they see the recipient's in-/outp= uts; "show me yours and I'll show you mine" isn't much of= a spy deterrent, and nothing here prevents a DOS attack.

As an implementor, I would suggest keeping the protocol as simple a= s possible. By dropping the signing in the first step, the recipient doesn&= #39;t need to maintain the ability to lookup and verify unspent outputs. It= also would enforce the increased privacy, which the sender obviously wants= if they are going down this path (in other words, either have the process = complete or fail -- don't give the recipient the ability to broadcast t= he not-private transaction against the wishes of the sender).
--000000000000497b460580a35d77--