Hi Antoine,
> If I'm correct, two users can cooperate maliciously against the batch
> withdrawal transactions by re-signing a CPFP from 2-of-2 and
> broadcasting the batch withdrawal as a higher-feerate package / high
> fee package and then evicting out the CPFP.
Yes, they can, and any user could
Thanks Antoine for your work on this issue.
I confirm that eclair v0.9.0 contains the migitations described.
Eclair has been watching the mempool for preimages since its very early
versions (years ago), relying on Bitcoin Core's ZMQ notifications for
incoming transactions. I believe this guarante
Bitcoin Core version v25.1 is now available from:
https://bitcoincore.org/bin/bitcoin-core-25.1/
Or through BitTorrent:
magnet:?xt=urn:btih:aa13e74abc8e389d4271813e9d0415890f9d8058&dn=bitcoin-core-25.1&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.opentrackr.org%
On Wed, Oct 18, 2023 at 12:34 AM Matt Corallo via bitcoin-dev
wrote:
>
> There appears to be some confusion about this issue and the mitigations. To
> be clear, the deployed
> mitigations are not expected to fix this issue, its arguable if they provide
> anything more than a PR
> statement.
>
>
That certainly helps, yes, and I think many nodes do something akin to this already, but I'm not
sure we can say that the problem has been fixed if the victim has to spend way more than the
prevailing mempool fees (and potentially burn a large % of their HTLC value) :).
Matt
On 10/19/23 12:23
Hi Bastien,
Thanks for your additional comments.
> Yes, they can, and any user could also double-spend the batch using a
> commit tx spending from the previous funding output. Participants must
> expect that this may happen, that's what I mentioned previously that
> you cannot use 0-conf on that
Hi Matt,
This mitigation is mentioned in the attached paper (see subsection 3.4
defensive fee-rebroadcasting)
https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf
As soon as you start to have a bit of a mempool backlog and the defensive
fractional fee
On Thu, Oct 19, 2023 at 5:22 PM Antoine Riard wrote:
>
> Hi Matt,
>
> This mitigation is mentioned in the attached paper (see subsection 3.4
> defensive fee-rebroadcasting)
> https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf
>
> As soon as you start
> As the CLTV
> delta deadline approaches, the fees in case 2 may be 50%, 80%, even
> 100% of the HTLC value under such a scorched earth policy.
A replacement-cycling attacker can afford to pay 100% of the HTLC value
under the defender scorched earth policy and still realize an economic gain.
Let
Hello Bitcoin Community,
I'm thrilled to share with you my PhD thesis titled "Evolving Bitcoin Custody,"
a deep-dive into the design and analysis of Bitcoin custody systems, exploring
their evolution in the face of a constantly changing technological and threat
landscape.
You can access the fu
Hi all,
I've done an exploration of what would be required (given
OP_TX/OP_TXHASH or equivalent way of pushing a scriptPubkey on the
stack) to usefully validate Taproot outputs in Bitcoin Script. Such
functionality is required for usable vaults, at least.
https://rusty.ozlabs.or
11 matches
Mail list logo
