A Free-Relay Attack Exploiting RBF Rule #6

The email from Boris Nagaev presents a critical evaluation of a previously proposed solution concerning the prevention of replacement attacks within a network. Initially, it was thought that delaying and skipping transactions could offer protection against such attacks. However, upon further reflection, Nagaev identifies a significant flaw in this approach. Specifically, he points out that if a transaction is skipped, it could potentially serve as a preimage for an attack, leading to situations where a node might miss critical transactions. This realization leads to the conclusion that the initial proposal is not viable for safeguarding against replacement attacks.

In light of this, Nagaev suggests a revision to the strategy aimed at ensuring the security of the network. He advocates for a method where every transaction is eventually shared with all nodes, eliminating the possibility of skipping transactions. This approach is based on the premise that comprehensive broadcasting of transactions would theoretically prevent any node from being selectively targeted or omitted during an attack.

However, Nagaev also acknowledges the practical challenges associated with implementing such a solution. He outlines two primary concerns: the risk of creating vectors for denial-of-service (DoS) attacks through either bandwidth overload or memory exhaustion. The latter concern arises from the potential need for nodes to accumulate transactions in a buffer before broadcasting them, which could strain the system's resources. This complexity underscores the delicate balance between ensuring robust security measures and maintaining the operational integrity of the network.