summaryrefslogtreecommitdiff
path: root/a4/f5e23559d5135b770fc7ab8eda67a8e0905b30
blob: a20a57a6f1178ef37d11b853e6468f8c9dd79f1c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
Return-Path: <pete@petertodd.org>
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by lists.linuxfoundation.org (Postfix) with ESMTP id 9745CC002D
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue,  6 Dec 2022 05:04:05 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp4.osuosl.org (Postfix) with ESMTP id 47C87408F3
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue,  6 Dec 2022 05:04:05 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 47C87408F3
Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key,
 unprotected) header.d=messagingengine.com header.i=@messagingengine.com
 header.a=rsa-sha256 header.s=fm1 header.b=U5JzXVsL
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.603
X-Spam-Level: 
X-Spam-Status: No, score=-2.603 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Received: from smtp4.osuosl.org ([127.0.0.1])
 by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id SRbRSdk8h3OC
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue,  6 Dec 2022 05:04:03 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org D935C408F0
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com
 [64.147.123.25])
 by smtp4.osuosl.org (Postfix) with ESMTPS id D935C408F0
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue,  6 Dec 2022 05:04:02 +0000 (UTC)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.west.internal (Postfix) with ESMTP id 9F0F132009E2;
 Tue,  6 Dec 2022 00:03:59 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Tue, 06 Dec 2022 00:03:59 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:date:feedback-id
 :feedback-id:from:from:in-reply-to:in-reply-to:message-id
 :mime-version:references:reply-to:sender:subject:subject:to:to
 :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=
 fm1; t=1670303039; x=1670389439; bh=cEsngTJaKs41bwoQgEsItdh0GvmI
 WduEkXaxxnO3WGI=; b=U5JzXVsLsjKPPpQSmgh1fTT+317J1BO3EpA4dXNNZ4VC
 d96Q7Cl9ipne3XZKKngbGMvIAjLjGUSnUksLYfqFR4W3Y2+3F6VZmyc7eo8dpQnG
 cy2e65h6WWv/PREU9UdVdIWfg7SN3Hs26XMRd/g1wGpw/HVujYf+ikfj6ITKOarG
 VAmI5jPJlPwfjFe9/veZ4pGYqk3aFjKaPExvs7jMDijzCQ9Ivipw0d3x/Si/kzo+
 5ujURckS56j0FZ5mbD1oJaXW5+IDBI0/Qawzvhw1Ajc/DImDKcKJfFRbKptp5nAm
 jFsaaXWIW9HC7bEI81vN5OJXg0WsxKyPRk3iROegQw==
X-ME-Sender: <xms:Ps2OYydlI74XTe3a8GpS860Dfh1VKfR3C9xCP4osXJ5JI0sjLao7_g>
 <xme:Ps2OY8M33RtdRy93DaFOnIf9lYc_IYqLqA789qkdLtAW-768SAIisrkfiy9lnkfEW
 IWb0TT4bTT5C6-ckuw>
X-ME-Received: <xmr:Ps2OYzhIbhaIt4WN8CL-b6kpAFiIwI6RfsqznZm7xvYffX4Zxzi25AWGMCE2>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudehgdejlecutefuodetggdotefrodftvf
 curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
 uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc
 fjughrpeffhffvuffkfhggtggujgesghdtreertddtvdenucfhrhhomheprfgvthgvrhcu
 vfhougguuceophgvthgvsehpvghtvghrthhouggurdhorhhgqeenucggtffrrghtthgvrh
 hnpeduvdetjeeiiefhvdehueeiuedvgefgtddtffdvtdffvdetheelleejgeduhfdvteen
 ucffohhmrghinheplhhinhhugihfohhunhgurghtihhonhdrohhrghdpphgvthgvrhhtoh
 guugdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhr
 ohhmpehpvghtvgesphgvthgvrhhtohguugdrohhrgh
X-ME-Proxy: <xmx:Ps2OY_97WgraH_V1fJSvNBc-PnXAG_6b3Yl6yUmSWCc1lwsEjfC6cQ>
 <xmx:Ps2OY-upRWEMSgKSM_bYciBw5ZeNoe1TdoXHreEzWvOX0vlPq6FD_g>
 <xmx:Ps2OY2EX3fBAcNk9u3s3DGVcLnPKUbuUt1uJ6fPDEIrd_qebjqmiLw>
 <xmx:P82OYyKosuPCJwqnVRqjWM2EiZIHo9e9s_FDazdOd0eSfxQYg8PFkg>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
 6 Dec 2022 00:03:58 -0500 (EST)
Received: by localhost (Postfix, from userid 1000)
 id 9645E5F83F; Tue,  6 Dec 2022 00:03:56 -0500 (EST)
Date: Tue, 6 Dec 2022 00:03:56 -0500
From: Peter Todd <pete@petertodd.org>
To: Antoine Riard <antoine.riard@gmail.com>,
 Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Message-ID: <Y47NPO4fscqZl8hr@petertodd.org>
References: <CACkWPs8-rZpGSJSEyLsg9gVAuPpHztXWSZvfGscGJCn05th0DQ@mail.gmail.com>
 <CALZpt+GnTE+LMSMHVt-E7Uq0FeuqrSKyr1m9OJa_yKkh6MrgzA@mail.gmail.com>
 <CALZpt+HFFwY4XECNZj3XLqnaumPeDjrwvnCsRa3vsGQfuXn8wA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="EUnx+iPq6XGs1tpV"
Content-Disposition: inline
In-Reply-To: <CALZpt+HFFwY4XECNZj3XLqnaumPeDjrwvnCsRa3vsGQfuXn8wA@mail.gmail.com>
Subject: Re: [bitcoin-dev] Fwd: [Opt-in full-RBF] Zero-conf apps in
 immediate danger
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Dec 2022 05:04:05 -0000


--EUnx+iPq6XGs1tpV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 02, 2022 at 05:35:39PM -0500, Antoine Riard via bitcoin-dev wro=
te:
> To recall, the original technical motivation of this option, and the wider
> smoother deployment was to address a DoS vector affecting another class of
> use-case: multi-party transactions like coinjoin and contracting protocols
> like Lightning [2] [3]. All of them expect to generate economic flows and
> corresponding mining income. Since then, alternative paths to solve this
> DoS vector have been devised, all with their own trade-offs and conceptual
> issues [4] [5].

<snip>

> [4]
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-October/0211=
35.html
> [5]
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-November/021=
144.html

To be clear, these alternative paths all negatively impact privacy as they'=
re
creating yet more ways for bad actors such as Chainalysis to deanonymize
transactions. We have a fundamental political tradeoff between the few
centralized services trying to accept unconfirmed txs, and the huge number =
of
users - everyone else - who desires privacy.

A big part of the promise of taproot was that we'd be able to eventually
greatly improve the anonymity set of all transactions by making multi-party
transactions indistinguishable from any other transaction. That's a huge pa=
rt
of why the community fought for taproot adoption.

Your proposal [5] that multi-party protocols use a different nVersion to si=
gnal
full-rbf in their txouts negates that anonymity set for the obvious reason =
that
single-party wallets are discouraged from using it by the fact that a few
services like Bitrefill complain about RBF transactions. Indeed, since
nVersion=3D3 transactions are non-standard, we additionally have the proble=
m that
many more wallets won't even see such payments until a confirmation, or in =
some
cases due to bugs, never.


Worse, this trade-offs is fundamental: it is impossible to design such a
protocol without harming privacy. Why? Let's assume such a protocol was
possible. To be compatible with how unconfirmed txs are accepted today the
protocol would have to have the following two simultaneous properties:

1) Zeroconf services would need to be able to inspect the tx data and deter=
mine
   whether or not the txout had opted into full-rbf.
2) Chainalysis services would need to be unable to inspect the tx data and
   determine whether or not the txout had opted into full-rbf.

This is an obvious contradiction, and the only alternative of commit-reveal
schemes is ridiculous and would *itself* create yet another privacy impact.=
 We
do not need any further technical debate on this issue: this is a political
tradeoff between a few centralized services and all other users that needs =
to
be decied by the community. No different than the blocksize wars.


The v3 proposal Suhas mentions in [4] has similar privacy issues: again we'=
re
forcing a class of multiparty protocols to create transactions that are cle=
arly
identified as being multiparty. In this case the privacy impact isn't as st=
ark,
because the common case of cooperative actions in Lightning can use v2
transactions. But this is still a privacy impact that could be avoided by
better mempool design. Eg as I showed in:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-November/02117=
5.html

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--EUnx+iPq6XGs1tpV
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmOOzS8ACgkQLly11TVR
LzdqCQ//XiqczJAFJO49aRIbpUcpP3HBHgNY6fv4GbvWczle5BnA0YvYupvlAaXz
uOoUIoLGdUUyv3paHoaJ+ZiQ2vt8sgalSI1PVE18DKqmWNONMo3Ub8707qpLQ5ey
WHOOQe/efckw9RufXQ0TqMYN7MIJ3z9d3SxGtM9Xv/sHsgtE94dOT71DIpU9wYcl
zKOEaI9lfLSHf8k5BpR+CDqmMaz7/xBUsy0RVoevbOXsXDf8VR9GOj3cNlfXZ88J
XkMLpyMLH6gxZgJwxoBpN2YtZ9HUgFQ671D+XN6JISEIElIZT6DEudlrF/aJxOoh
qFsm+/50WtZOjAXJjahA61BDPN5D7rP/upQdPA+KB2Xb2GN8Ti5ghFldLZR0OCK/
N69jTRtWCjBVdJIHYq3ggVsWriqtFHzx3UQvEHa4MAo5Yvwi49d76Nn4K/LAVhXd
4PPE1cx4mskJXl2lGT9ta70Yxl9UGPXEYPqgBOz+5IpugCe4dzwQxdaLepgDZ4I3
z/25eznrj3U2lXEr3pMr4ad4xqxi7K5mQa0IFU1G90D8GZGtIBegpo+TY9JMV/YQ
Jp1Mirft6r1hm0TWLFigwhx3OcnXQkqXYWBxC1YnxuCZ19TQXOAAhSSmmRgmgsjA
o4tLoUGi9sqkPPmNuUHzudsquKsSQhKYfhGhLRJ0V1A8G31ZBEg=
=t5U1
-----END PGP SIGNATURE-----

--EUnx+iPq6XGs1tpV--