1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
|
Return-Path: <user@petertodd.org>
Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])
by lists.linuxfoundation.org (Postfix) with ESMTP id DC18BC002D
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Jul 2022 14:53:22 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp3.osuosl.org (Postfix) with ESMTP id 73610613DD
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Jul 2022 14:53:22 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 73610613DD
Authentication-Results: smtp3.osuosl.org;
dkim=pass (2048-bit key, unprotected) header.d=petertodd.org
header.i=@petertodd.org header.a=rsa-sha256 header.s=fm1 header.b=RlwmLnqv;
dkim=pass (2048-bit key,
unprotected) header.d=messagingengine.com header.i=@messagingengine.com
header.a=rsa-sha256 header.s=fm3 header.b=CbZ73/O5
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.8
X-Spam-Level:
X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7,
RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp3.osuosl.org ([127.0.0.1])
by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 5d9aeBeL-BHW
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Jul 2022 14:53:21 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 5FF56613DC
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com
[66.111.4.28])
by smtp3.osuosl.org (Postfix) with ESMTPS id 5FF56613DC
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 8 Jul 2022 14:53:21 +0000 (UTC)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
by mailout.nyi.internal (Postfix) with ESMTP id 863245C01C5;
Fri, 8 Jul 2022 10:53:19 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
by compute3.internal (MEProxy); Fri, 08 Jul 2022 10:53:19 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=petertodd.org;
h=cc:cc:content-type:date:date:from:from:in-reply-to
:in-reply-to:message-id:mime-version:references:reply-to:sender
:subject:subject:to:to; s=fm1; t=1657291999; x=1657378399; bh=as
T+G1v6k8/0ltek8BNyczHSa5ZVyYDN8GO7U0AceBw=; b=RlwmLnqv9D0/e7kkGi
5Pg8tx1sBVHKjsmbtWNQ6Xqswfbo9job7ZUv5g9mrcoLVRGptou4CNZvQb22H6Qv
4QImR/GP3IBhj2giRB9LUcm69CPkTsGvA3QGFanvTmXRzM+AJ8Dt+Ag2o3BJCQwn
sFug4nV39LN2vI9iGfODsGJjYMuNcuBvQwxvWJrzuMmdmqJeUcXnSKZguFWzqY4y
WlCNzdhA8y9agnO2Us0swGAh9Pd/DxnYOtNqnQp3tbagbtYyAdROpmYS+e6p/Qj1
KU7uox9YkSt8ibHIHRPlIFnYkrpUHgqWZji6Ik76jDIffBOa0jLkpiKMnxkc/Uzw
tPLg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-type:date:date:feedback-id
:feedback-id:from:from:in-reply-to:in-reply-to:message-id
:mime-version:references:reply-to:sender:subject:subject:to:to
:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
fm3; t=1657291999; x=1657378399; bh=asT+G1v6k8/0ltek8BNyczHSa5ZV
yYDN8GO7U0AceBw=; b=CbZ73/O5lJDJeQRzcbqWWEndfooFREofLjLYA1OiSWNC
rucRLQ2oIQH9DW/Cxw0kN/8seG0oiDFu19bEuyMTDaf9Pcdn7kJT7zfktVdC8oGw
DmxGJ5B0wGbFp1aRhqJ6uTcCA5CDur7cWZXiKy+uIaI5MbvgrBqpmY3HzzIrDNkR
mtpvsOujW7opQqCLthSGCCzpUV8e7ViEPHaDaKlqIS8rAJxAT1X7uXHPDRXXiqBj
v3Ocw8TQxYP5RzKhpBSqEMNkFUlCcy/sivnIq2rMEQ1qa9x/64au41Y0k0QIfi2K
dBW6GZUY8PBNXqeEyVFWkJX0yWQDt1o+LxB621ajDg==
X-ME-Sender: <xms:30TIYkunPQ4SFwDBWT_FXrMNAivRmyGWWv2uWWTiTQKwSdpk77xPqQ>
<xme:30TIYhe5p_-Ipospj_HHefupKY9XZSXu9saMBoT6QBAtKQfDwWnmjw_A4_C81aqNU
adRc-ZCKYbwhU6Zk34>
X-ME-Received: <xmr:30TIYvzQSBU0hPtneGIgoYqfQtxIg7J7euxEChbs_DmFITC5JKouJq0zU0XxshiIFxkUNX-Jhf-dFX75qeWmtUp34EOE5Vzi6qBo-w>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrudeijedgkedvucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
cujfgurhepfffhvfevuffkfhggtggujgesghdtreertddtvdenucfhrhhomheprfgvthgv
rhcuvfhougguuceophgvthgvsehpvghtvghrthhouggurdhorhhgqeenucggtffrrghtth
gvrhhnpedttdegtdffteeukeffhfffkeekiefhteduvdetjeeujeffgeevgefhudetjefh
veenucffohhmrghinhepghhithhhuhgsrdgtohhmpdhpvghtvghrthhouggurdhorhhgne
cuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepuhhsvghr
sehpvghtvghrthhouggurdhorhhg
X-ME-Proxy: <xmx:30TIYnPP9vDHBLyCO4-3OeqFWr8sgJtrRoVTKnhpp2pWW3XwHezihQ>
<xmx:30TIYk9qv4tSIoQmMXvewBIjqWspvnJyKFfH1wqb4PJN43kjNxDWfg>
<xmx:30TIYvXZvX2oOZR1BqkAbYN706tx_jmN-Llv6ltndp8Oj6KYdxRUnw>
<xmx:30TIYik2n94zoMaCAdmbpnWF8e4g5btAYbljTZK1ZwIC-GGklsW4CQ>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
8 Jul 2022 10:53:19 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
id 09FDA5F87C; Fri, 8 Jul 2022 10:53:13 -0400 (EDT)
Date: Fri, 8 Jul 2022 10:53:13 -0400
From: Peter Todd <pete@petertodd.org>
To: alicexbt <alicexbt@protonmail.com>
Message-ID: <YshE2QKBEVnbf+Bg@petertodd.org>
References: <CALZpt+GOh-7weEypT9JrzcwthZJqHOfj7sf9FMuqi5_FZv0g7w@mail.gmail.com>
<gmDNbfrrvaZL4akV2DFwCuKrls9SScQjqxeRoEorEiYlv24dPt1j583iOtcB2lFrxZc59N3kp7T9KIM4ycl4QOmGBfDOUmO-BVHsttvtvDc=@protonmail.com>
<CALZpt+FJ-R9yCoMLP=Vcxk1U7n=-LKHUGctFZj0K-vTMsz==ew@mail.gmail.com>
<RJEFmrnjbzKQCBr4L7ebwBLzg7QHGXlaE19zj6jfkxL6xjfodgbfssZBQSYxm783Y4X5awuhL9Gj8IaBc4npE2oh3d1xoudKTrSsJ-dk0VQ=@protonmail.com>
<CALZpt+HXB=xh3qtxJFM7yUzRu1uj-pPtLQmT=5QV0dNfVuTpfQ@mail.gmail.com>
<Pb8H4PbeS-RaNOKfekOPdY8gQo4_Syd3HoTK26AO872f7tCKyGnty56KtcvmvrXFOJdC7nQgNHoQ37M4MNXQ6vqQ9du6BFbvGLbY3BdYVpY=@protonmail.com>
<Yrj9N7k8osWsxhY4@petertodd.org>
<0ikzVrbv3tA2fyv4iW7b_gPJ-qkrJS3x9HzouSqLabK3yHthgigPt9YZhGlr4_nCutAlRREfFSw1JW0k5KhBgSj1aBI2MSDTLqYHGYbqNrg=@protonmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="CBfDTdh8b5nl7rXJ"
Content-Disposition: inline
In-Reply-To: <0ikzVrbv3tA2fyv4iW7b_gPJ-qkrJS3x9HzouSqLabK3yHthgigPt9YZhGlr4_nCutAlRREfFSw1JW0k5KhBgSj1aBI2MSDTLqYHGYbqNrg=@protonmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Playing with full-rbf peers for fun and L2s
security
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2022 14:53:23 -0000
--CBfDTdh8b5nl7rXJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jul 05, 2022 at 08:46:51PM +0000, alicexbt wrote:
> Hi Peter,
>=20
> > Note that Wasabi already has a DoS attack vector in that a participant =
can stop
> > participating after the first phase of the round, with the result that =
the
> > coinjoin fails. Wasabi mitigates that by punishing participating in fut=
ure
> > rounds. Double-spends only create additional types of DoS attack that n=
eed to
> > be detected and punished as well - they don't create a fundamentally new
> > vulerability.
>=20
> I agree some DoS vectors are already mitigated however punishment in this=
case will be difficult because the transaction is broadcasted after signin=
g and before coinjoin tx broadcast.
>=20
> Inputs are already checked multiple times for double spend during coinjoi=
n round: https://github.com/zkSNACKs/WalletWasabi/pull/6460
>=20
> If all the inputs in the coinjoin transaction that failed to relay are ch=
ecked and one or more are found to be spent later, what will be punished an=
d how does this affect the attacker with thousands of UTXOs or normal users?
Point is, the attacker is thousands of UTXOs can also DoS rounds by simply
failing to complete the round. In fact, the double-spend DoS attack requires
more resources, because for a double-spend to be succesful, BTC has to be s=
pent
on fees.
It's just a fact of life that a motivated attacker can DoS attack Wasabi by
spending money. That's a design choice that's serving them well so far.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--CBfDTdh8b5nl7rXJ
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmLIRNYACgkQLly11TVR
LzdaPBAAswImBlS8wRRrd9sJxxFtKAL+QTxR/SM3OIwaTYPcF1XH/2x9EZ6As4VO
Dqjj3eqi2ERr0yKiomRyAfmyVlT/YwzRBqu/KhwegJb1LToltjGPK20NG4Ba5Og4
gffgPhPvlfD3Ova7TXUslCx//T/bqc9AMr/cl/nFrHJIA+jvKwQo3TF48q/tQVWw
0SQOqy9iwi4mq3IBpwUk6DLFWCwx7pj9pFASzxVUaEcq5bK7c9aGmcuORPqyqa1Z
5gu+MAqoYQrEotTVDaHD/kS/mmZCPWvh8Alf1tZqm5z6+xGYK/2ZPxvQox47G2yF
8KiHGybUxo4tRsvstTUmS1jPDY5mOXUGFMZImnpqMgAi6961YF/nnAwa0I59OCZg
l+z4smQUdsKvdJLyfHd2Hhd2Ed8hEd+ezH78twPPfHT4tGfBWO9LRGjpj80xl4/K
aC5dS7rK02qB+qlPWY+yq1BLzXQzMkfaHy5KiPRqj4q+QJWUzTWYMN/vMN2KCgjS
Zn594Ce4PQUwJy/0zm/wd+NKCz1woVU/vKlnaUugNzHffvwhH1V4sQ9yeRExZLo6
TjrK+PoX45gqlIEfdtYkl5do7gaOqfY16dRRRYjV38nwmhTl4RMxG17s52ZOIJCO
g8YymI5YcxWNLcrjyoQcrr8f6i/xFv87t1AFr1uiCPsz2h83MBw=
=gSUw
-----END PGP SIGNATURE-----
--CBfDTdh8b5nl7rXJ--
|