Peter Todd [ARCHIVE] on Nostr: π Original date posted:2022-02-19 π Original message: On Sat, Feb 19, 2022 at ...
π
Original date posted:2022-02-19
π Original message:
On Sat, Feb 19, 2022 at 05:20:19PM +0000, darosior wrote:
> > Necromancing might be a reasonable name for attacks that work by getting an
> > out-of-date version of a tx mined.
>
> It's not an "attack"? There is no such thing as an out-of-date transaction, if
> you signed and broadcasted it in the first place. You can't rely on the fact that
> a replacement transaction would somehow invalidate a previous version of it.
Anyone on the internet can send you a packet; a secure system must be able to
receive any packet without being compromised. Yet we still call packet floods
as DoS attacks. And internet standards are careful to avoid making packet
flooding cheaper than it currently is.
The same principal applies here: in many situations transactions _do_ become
out of date, in the sense that you would rather a different transaction be
mined instead, and the out-of-date tx being mined is expensive and annoying.
While you have to account for the _possibility_ of any transaction you have
signed being mined, Bitcoin standards should avoid making unwanted necromancy a
cheap and easy attack.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20220219/d50565cf/attachment.sig>
π Original message:
On Sat, Feb 19, 2022 at 05:20:19PM +0000, darosior wrote:
> > Necromancing might be a reasonable name for attacks that work by getting an
> > out-of-date version of a tx mined.
>
> It's not an "attack"? There is no such thing as an out-of-date transaction, if
> you signed and broadcasted it in the first place. You can't rely on the fact that
> a replacement transaction would somehow invalidate a previous version of it.
Anyone on the internet can send you a packet; a secure system must be able to
receive any packet without being compromised. Yet we still call packet floods
as DoS attacks. And internet standards are careful to avoid making packet
flooding cheaper than it currently is.
The same principal applies here: in many situations transactions _do_ become
out of date, in the sense that you would rather a different transaction be
mined instead, and the out-of-date tx being mined is expensive and annoying.
While you have to account for the _possibility_ of any transaction you have
signed being mined, Bitcoin standards should avoid making unwanted necromancy a
cheap and easy attack.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20220219/d50565cf/attachment.sig>