bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Peter Todd

Posted on: October 21, 2023 01:25 UTC

Schnorr signatures, which are 64 bytes in size, can be advantageous in situations like lightning where the transaction form is deterministically derived.

Signing 100 extra transactions would only require an additional 6400 bytes. Even with a slow connection speed of 100KB/s, transferring this amount of data would take just 64 milliseconds, with latency being the dominant factor.

Regarding RBF (Replace-by-Fee), it has a default minimum incremental relay fee of 1sat/vByte. By using the 100 pre-signed transaction variants to sign every possible minimum incremental relay, a range of 1sat/vByte to 100sat/vByte can be covered. This range is believed to be sufficient for getting mined for any block in Bitcoin's entire modern history.

On the other hand, CPFP (Child-Pays-for-Parent) requires two transactions and therefore requires extra bytes. Unless dealing with very large transactions in low-fee environments, there are no circumstances where CPFP outperforms RBF.

For more information on this topic, you can visit Peter Todd's website at https://petertodd.org or contact him via email at 'peter'[:-1]@petertodd.org.