Published on: 2021-02-12T11:49:42+00:00
In an email exchange, Antoine and Pieter discuss the potential privacy implications of a proposed change regarding the discovery of a node's tx-relay topology. Antoine suggests that if an unrequested-tx peer is sending an attack, it likely learned the transaction from somewhere else, such as the tx owner. He also points out that the same outcome can already be achieved by sending an INV and observing if a GETDATA is replied back, which can help determine the presence of another peer with knowledge of the txid. Additionally, connecting to this other peer and waiting for an announcement can also provide insight. However, Pieter expresses concern about the privacy implications of the change and requests clarification on why it is not a concern.Antoine acknowledges the need for further study on the privacy properties of transaction announcements/requests, especially considering recent changes and upcoming Erlay changes. Despite this concern, Antoine fails to see how the proposed change would make it easier for attackers compared to the existing heuristics. The proposed change in Bitcoin Core 22.0+ involves stopping the processing of unrequested transactions at TX message reception. This change aims to reduce the CPU DoS surface of Bitcoin Core related to mempool acceptance. Currently, attackers can send expensive-to-validate junk transactions to a node through multiple inbound connections. The proposal would disrupt the tx-relay capabilities on the p2p network and require adaptation from certain Bitcoin clients who do not follow the INV/GETDATA sequence. However, a permissioned peer (PF_RELAY) would still be able to bypass these restrictions.An unrequested transaction refers to one for which a "getdata" message has not been previously issued by the node. Once the canonical INV/GETDATA sequence is enforced on the network, additional protection can be implemented, such as deprioritizing bandwidth and validation resources allocation or severing connections with DoSy peers. Some Bitcoin clients currently do not bother with the INV/GETDATA sequence, as raw TX message processing has always been tolerated by Core. Therefore, this change would impact their tx-relay capabilities on the p2p network and necessitate adaptation from them. Antoine hopes to gather feedback on this proposal and emphasizes the need for a sufficient window of time before the old tx-processing behavior becomes the minority. Feedback is particularly sought regarding whether this change is overly restrictive or implemented too quickly in Bitcoin software.Antoine's proposal aims to address the CPU DoS surface of Bitcoin Core by halting the processing of unrequested transactions at TX message reception. While privacy concerns are raised, Antoine believes that the proposed change does not make it easier for attackers compared to existing heuristics. The change would disrupt tx-relay capabilities on the p2p network and require adaptation from certain Bitcoin clients. Antoine welcomes feedback on the proposal's constraining nature and speed of implementation in Bitcoin software.
Updated on: 2023-08-02T03:08:43.541298+00:00