Summary

Peter Todd has highlighted a significant vulnerability in Bitcoin's transaction relay system, emphasizing that it could be mitigated by enabling full Replace-By-Fee (RBF) by default. This suggestion, however, was overlooked by the Bitcoin Core team for political reasons, demonstrating a broader disregard for free relay attack concerns, including the rejection of a proposal that could have remedied various issues like transaction pinning and supported TRUC/V3 transactions. The critique extends to TRUC/V3 transactions themselves, as outlined in BIP-431, where the authors' acceptance of free relay attacks contradicts their recommendations, suggesting a misallocation of engineering resources towards ineffective solutions.

The vulnerability operates by exploiting the discrepancy between miners' and Bitcoin Core nodes' policies, allowing attackers to broadcast low fee-rate transactions that consume bandwidth without being mined. This method showcases a significant inefficiency within Bitcoin's protocol, enabling attackers to consolidate transactions at low cost. Todd's disclosure, supported by references to previous discussions and disclosures (Mar 18th disclosure, Mar 31st disclosure), calls for a reevaluation of the Bitcoin Core development community's decision-making and technical priorities to address security vulnerabilities more effectively.

New posts

July 18, 2024 15:56 UTC

bitcoin-dev

A "Free" Relay Attack Taking Advantage of The Lack of Full-RBF In Core

23 replies

  • The vulnerability in Bitcoin's relay system could be fixed by enabling full RBF by default.
  • TRUC/V3 transactions ignore the risk of free relay attacks, suggesting ineffective solutions.
  • The described attack exploits discrepancies between miners' and Bitcoin Core nodes' policies, wasting resources.

Ongoing Discussions

July 21, 2024 19:48 UTC

delvingbitcoin

Ecash TIDES using Cashu and Stratum v2

29 replies

  • The Stratum V2 protocol promises enhanced mining efficiency and security advancements.
  • Adoption challenges include compatibility issues and the need for industry-wide acceptance.
  • Stratum V2 could decentralize mining, offering economic and operational improvements.

July 18, 2024 17:39 UTC

bitcoin-dev

Great Consensus Cleanup Revival

31 replies

  • A coinbase transaction's input is uniquely serialized to assure its validity and integrity.
  • Validation challenges in blockchain include detecting hash invalidity and ensuring witness data's authenticity.
  • Technical discussions focus on preventing transaction malleation and refining DoS mitigation in blockchain transactions.

July 16, 2024 16:43 UTC

bitcoin-dev

BIP Draft: "ChillDKG: Distributed Key Generation for FROST"

2 replies

  • Dave examines ChillDKG's public recovery data for privacy implications against crypto standards.
  • He distinguishes between the privacy effects of BIP32 HD paths and xpub exposure.
  • His inquiry seeks to understand ChillDKG's privacy stance in comparison to known practices.

July 15, 2024 20:00 UTC

delvingbitcoin

Segwit Ephemeral Anchors

12 replies

  • A new Pay To Anchor (P2A) feature enhances programming functionality and user experience.
  • The project, open for review on GitHub, encourages community feedback and contributions.
  • This initiative promotes collaborative software development and technological advancement.

July 15, 2024 12:24 UTC

delvingbitcoin

Ephemeral Anchors and MEVil

10 replies

  • The discussion highlights the issue with transaction fees in the Lightning Network.
  • A Pay To Anchors approach is proposed to simplify fee management.
  • The approach varies, aiming for cost-effective LN transactions with minimal complexity.