Joost Jager [ARCHIVE] on Nostr:
📅 Original date posted:2019-10-26
📝 Original message:
>
> * Output type: normal P2WKH. At one point, an additional spending path was
> proposed that was unconditional except for a 10 block csv lock. The
> intention of this was to prevent utxo set pollution by allowing anyone to
> clean up. This however also opens up the possibility for an attacker to
> 'use up' the cpfp carve-out after those 10 blocks. If the user A is offline
> for that period of time, a malicious peer B may already have broadcasted
> the commitment tx and pinned down user A's anchor output with a low fee
> child. That way, the commitment tx could still remain unconfirmed while an
> important htlc expires.
>
Ok, this 'attack' scenario doesn't make sense. Of course with a csv lock,
this spend path is closed when the commitment tx is unconfirmed. But it is
still a question whether user A would appreciate their anchor output being
taken by someone else when they are offline for more than 10 blocks.
If we do like this utxo set clean up path, one could also argue that this
should then be applied to every near-dust output on the commitment tx (e.g.
small htlcs).
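
The CSV point in the reply above, as an added example that is not part of the original message: a BIP68 height-based relative lock is counted from the block that confirms the commitment tx, so the 10-block path cannot be spent while that tx is still unconfirmed. Function names and the block heights used with them are constructed for illustration.

```python
# Added illustration: BIP68 relative-lock arithmetic for a height-based CSV.
SEQUENCE_DISABLE_FLAG = 1 << 31   # BIP68: bit 31 set => no relative lock
SEQUENCE_TYPE_FLAG = 1 << 22      # BIP68: bit 22 set => time-based lock
SEQUENCE_MASK = 0x0000FFFF        # BIP68: low 16 bits carry the lock value

CSV_DELAY = 10  # the 10-block delay of the proposed clean-up path


def earliest_spend_height(n_sequence, coin_height):
    """First block height that may contain a spend of an output created at
    coin_height, or None when the sequence number imposes no relative lock."""
    if n_sequence & SEQUENCE_DISABLE_FLAG:
        return None
    if n_sequence & SEQUENCE_TYPE_FLAG:
        raise ValueError("time-based locks are not modelled here")
    return coin_height + (n_sequence & SEQUENCE_MASK)


def cleanup_path_open(tip_height, commitment_height):
    """Can the CSV-locked spend of the anchor go into the next block?

    commitment_height is None while the commitment tx is unconfirmed. An
    unconfirmed parent can confirm no earlier than the next block, so it is
    modelled as tip + 1 (modelling assumption).
    """
    next_block = tip_height + 1
    coin_height = next_block if commitment_height is None else commitment_height
    earliest = earliest_spend_height(CSV_DELAY, coin_height)
    return earliest is None or next_block >= earliest


def blocks_until_open(tip_height, commitment_height):
    """Blocks that must still be mined before the clean-up spend is valid,
    or None while the commitment tx is unconfirmed (the clock has not started)."""
    if commitment_height is None:
        return None
    earliest = earliest_spend_height(CSV_DELAY, commitment_height)
    return max(0, earliest - (tip_height + 1))


if __name__ == "__main__":
    tip = 600_000  # constructed chain tip
    print("unconfirmed commitment:", cleanup_path_open(tip, None))
    print("confirmed 10 blocks deep:", cleanup_path_open(tip, tip - 9))
```

The lock only starts counting once the commitment tx is in a block, which is why the path is closed for as long as the commitment tx sits in the mempool.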