Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YPUuk-00086V-8v for bitcoin-development@lists.sourceforge.net; Sun, 22 Feb 2015 11:41:34 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.217.175 as permitted sender) client-ip=209.85.217.175; envelope-from=elombrozo@gmail.com; helo=mail-lb0-f175.google.com; Received: from mail-lb0-f175.google.com ([209.85.217.175]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YPUui-00021s-P8 for bitcoin-development@lists.sourceforge.net; Sun, 22 Feb 2015 11:41:34 +0000 Received: by lbdu14 with SMTP id u14so13738942lbd.1 for ; Sun, 22 Feb 2015 03:41:26 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.112.162.42 with SMTP id xx10mr5464574lbb.6.1424605286423; Sun, 22 Feb 2015 03:41:26 -0800 (PST) Received: by 10.112.201.67 with HTTP; Sun, 22 Feb 2015 03:41:26 -0800 (PST) Received: by 10.112.201.67 with HTTP; Sun, 22 Feb 2015 03:41:26 -0800 (PST) In-Reply-To: References: <20150212064719.GA6563@savin.petertodd.org> <20150215212512.GR14804@nl.grid.coop> <54E11248.6090401@gmail.com> <20150219085604.GT14804@nl.grid.coop> Date: Sun, 22 Feb 2015 03:41:26 -0800 Message-ID: From: Eric Lombrozo To: Jeff Garzik Content-Type: multipart/alternative; boundary=089e0112d1660ae2dd050fabc4fb X-Spam-Score: 1.3 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (elombrozo[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.9 FUZZY_AMBIEN BODY: Attempt to obfuscate words in spam 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YPUui-00021s-P8 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] replace-by-fee v0.10.0rc4 X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Feb 2015 11:41:34 -0000 --089e0112d1660ae2dd050fabc4fb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable It seems to me we're confusing two completely different motivations for double-spending. One is the ability to replace a fee, the other is the ability to replace outputs. If the double-spend were to merely add or remove inputs (but keep at least one input in common, of course), it seems fairly safe to assume it's the former, a genuine fee replacement. Even allowing for things like coinjoin, none of the payees would really care either way. Conversely, if at least one of the inputs were kept but none of the outputs were, we can be confident it's the the latter. It is possible to build a wallet that always does the former when doing fee replacement by using another transaction to create an output with exactly the additional desired fee. If we can clearly distinguish these two cases then the fee replacement case can be handled by relaying both and letting miners pick one or the other while the output replacement case could be handled by rewarding everything to a miner (essentially all outputs are voided...made unredeemable...and all inputs are added to coinbase) if the miner includes the two conflicting transactions in the same block. Wouldn't this essentially solve the problem? - Eric Lombrozo On Feb 21, 2015 8:09 PM, "Jeff Garzik" wrote: > On Sat, Feb 21, 2015 at 10:25 PM, Jorge Tim=C3=B3n wro= te: > > On Sat, Feb 21, 2015 at 11:47 PM, Jeff Garzik > wrote: > >> This isn't some theoretical exercise. Like it or not many use > >> insecure 0-conf transactions for rapid payments. Deploying something > >> that makes 0-conf transactions unusable would have a wide, negative > >> impact on present day bitcoin payments, thus "scorched earth" > > > And maybe by maintaining first seen policies we're harming the system > > in the long term by encouraging people to widely deploy systems based > > on extremely weak assumptions. > > Lacking a coded, reviewed alternative, that's only a platitude. > Widely used 0-conf payments are where we're at today. Simply ceasing > the "maintaining [of] first seen policies" alone is simply not a > realistic option. The negative impact to today's userbase would be > huge. > > Instant payments need a security upgrade, yes. > > -- > Jeff Garzik > Bitcoin core developer and open source evangelist > BitPay, Inc. https://bitpay.com/ > > > -------------------------------------------------------------------------= ----- > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > > http://pubads.g.doubleclick.net/gampad/clk?id=3D190641631&iu=3D/4140/ostg= .clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --089e0112d1660ae2dd050fabc4fb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

It seems to me we're confusing two completely different = motivations for double-spending. One is the ability to replace a fee, the o= ther is the ability to replace outputs.

If the double-spend were to merely add or remove inputs (but= keep at least one input in common, of course), it seems fairly safe to ass= ume it's the former, a genuine fee replacement. Even allowing for thing= s like coinjoin, none of the payees would really care either way.

Conversely, if at least one of the inputs were kept but none= of the outputs were, we can be confident it's the the latter.

It is possible to build a wallet that always does the former= when doing fee replacement by using another transaction to create an outpu= t with exactly the additional desired fee.

If we can clearly distinguish these two cases then the fee r= eplacement case can be handled by relaying both and letting miners pick one= or the other while the output replacement case could be handled by rewardi= ng everything to a miner (essentially all outputs are voided...made unredee= mable...and all inputs are added to coinbase) if the miner includes the two= conflicting transactions in the same block.

Wouldn't this essentially solve the problem?

- Eric Lombrozo

On Feb 21, 2015 8:09 PM, "Jeff Garzik"= <jgarzik@bitpay.com> wrote= :
On Sat, Feb 21, 20= 15 at 10:25 PM, Jorge Tim=C3=B3n <jtimon@jtimon.cc> wrote:
> On Sat, Feb 21, 2015 at 11:47 PM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>> This isn't some theoretical exercise.=C2=A0 Like it or not man= y use
>> insecure 0-conf transactions for rapid payments.=C2=A0 Deploying s= omething
>> that makes 0-conf transactions unusable would have a wide, negativ= e
>> impact on present day bitcoin payments, thus "scorched earth&= quot;

> And maybe by maintaining first seen policies we're harming the sys= tem
> in the long term by encouraging people to widely deploy systems based<= br> > on extremely weak assumptions.

Lacking a coded, reviewed alternative, that's only a platitude.
Widely used 0-conf payments are where we're at today.=C2=A0 Simply ceas= ing
the "maintaining [of] first seen policies" alone is simply not a<= br> realistic option.=C2=A0 The negative impact to today's userbase would b= e
huge.

Instant payments need a security upgrade, yes.

--
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.=C2=A0 =C2=A0 =C2=A0 https://bitpay.com/

---------------------------------------------------------------------------= ---
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & mo= re
Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gam= pad/clk?id=3D190641631&iu=3D/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment
--089e0112d1660ae2dd050fabc4fb--