[Bitcoin-development] Zeroconf-safe tx replacement (replace-for-fee)

Peter Todd pete at petertodd.org
Mon Nov 4 11:59:25 UTC 2013


On Mon, Nov 04, 2013 at 12:10:38PM +0100, Adam Back wrote:
> Might leak less wiggle room and be simpler/more robut to validate that
> *everything* has to be the same except for the amount going to one (presumed
> change) address.  A privacy leak I know, but dont do that - ie send enough
> change the first time.  And network analysis has shown change addresses
> arent adding hardly any privacy.
> 
> We need more robust privacy fixes independently.  I do not support damaging
> the 0-conf feature, so I think this later approach is a better track for
> revising fees.

There's been a number of uses found for tx-replacement beyond simply
modifying fees. In additition, allowing for the value of a specificly
designated change address to be changed after the fact is not compatible
with current zero-conf-using implementations; they don't know to treat a
txout as special so allowing its value to be reduced would allow for a
zeroconf attack.

Anyway, if you look at the code that actually implements the
replacement, it's extremely simple already. I see no reason to make it
less general; transaction relaying rules are not part of consensus.

-- 
'peter'[:-1]@petertodd.org
000000000000000a6dd96c551eca7299463e4e523462798a006535f412b519c7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 685 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131104/04bb20b1/attachment.sig>


More information about the bitcoin-dev mailing list