Peter Todd has highlighted a significant vulnerability in Bitcoin's transaction relay system, emphasizing that it could be mitigated by enabling full Replace-By-Fee (RBF) by default. This suggestion, however, was overlooked by the Bitcoin Core team for political reasons, demonstrating a broader disregard for free relay attack concerns, including the rejection of a proposal that could have remedied issues such as transaction pinning and supported TRUC/V3 transactions. The critique extends to TRUC/V3 transactions themselves, as specified in BIP-431: the authors' acceptance of free relay attacks contradicts their own recommendations, suggesting a misallocation of engineering resources towards ineffective solutions.
The vulnerability exploits the discrepancy between miners' policies and Bitcoin Core nodes' policies, allowing attackers to broadcast low-fee-rate transactions that consume relay bandwidth without being mined. This method showcases a significant inefficiency within Bitcoin's protocol, enabling attackers to consolidate transactions at low cost. Todd's disclosure, supported by references to previous discussions and disclosures (Mar 18th disclosure, Mar 31st disclosure), calls for a reevaluation of the Bitcoin Core development community's decision-making and technical priorities to address security vulnerabilities more effectively.
July 18, 2024 15:56 UTC
bitcoin-dev