bitcoin-dev

Altruistic Rebroadcasting - A Partial Replacement Cycling Mitigation

Altruistic Rebroadcasting - A Partial Replacement Cycling Mitigation

Original Postby Peter Todd

Posted on: December 22, 2023 14:01 UTC

The effectiveness of BIP157 in the Bitcoin network and how it aligns with node behavior and security measures is under discussion.

It's noted that Bitcoin nodes typically adhere to a mempool limit of around 300MB, leading to consistent minimum fees across diverse nodes worldwide. This consistency in minimum fees is more pronounced than the variability seen in the mempool sizes measured by the number of transactions. The design of the system ensures that attackers cannot execute replacement cycling attacks without incurring increasing costs. According to BIP125 rule 4, any transaction replacement must include a higher fee than its predecessor, which acts as a deterrent to potential attackers, as they would need to continuously outbid other transactions.

In a scenario where an attacker attempts to use the same Unspent Transaction Outputs (UTXOs) to displace multiple transactions from different victims across various nodes simultaneously, the strategy proves to be self-defeating. Each node perceives a different aspect of the attack, and due to altruistic rebroadcasting by nodes not directly targeted by the attack, victim transactions still reach a significant portion of the network. For instance, if an attacker targets two separate nodes with the same UTXO, each node will only see the attack relevant to its own transaction. As a result, roughly half the nodes would retain one victim's transaction while the other half retains the other's, rendering the attack largely ineffective. This inefficiency is exacerbated as the attacker tries to target more victims simultaneously.

For further insights into these topics and more in-depth analysis, interested readers can explore Peter Todd's work at his personal website, accessible via the link provided in the email: https://petertodd.org. Correspondence with Peter Todd can also be directed to his email by piecing together 'peter'[:-1]@petertodd.org, which suggests removing the last character from 'peter' to form the correct email address.