Author: darosior 2022-02-19 17:20:19
Published on: 2022-02-19T17:20:19+00:00
In a discussion on the Lightning-dev mailing list, Peter Todd proposed the name "necromancing" for attacks that work by getting an out-of-date version of a transaction (tx) mined. Jeremy Rubin suggested that this new form of pinning attack, which he described as being distinct from other types of pinning attacks, is not formally defined as pinning. He argued that it would be better to call it something else with a negative connotation. However, Todd countered that necromancing might be an appropriate name. Todd explained that in his view, one should not assume that a replacement transaction would invalidate a previous version of it. There is no such thing as an out-of-date transaction if you signed and broadcasted it initially. Therefore, one cannot rely on the fact that a replacement transaction would somehow invalidate a previous version of it. The conversation then turned to OpenTimestamps (OTS) calendars and how they use RBF (replace-by-fee) to update the timestamp tx with a new merkle tip hash for all outstanding per-second commitments once per new block. In high fee situations, there can be many versions of the same tx, each with a slightly higher feerate. OTS calendars can handle any of those versions getting mined, but older versions getting mined wastes money. The remaining commitments still need to get mined in a subsequent transaction, and these are also delayed by the time it takes for the next tx to get mined. Todd argued that there are many use-cases beyond OTS with this issue, where older versions of transactions getting mined rather than the newer version wastes money and delays settlement. He suggested using non-standard nVersion bits or implementing fee accounts or similar mechanisms to prevent this from happening. Lastly, Todd checked BTC transaction accelerator services and found them to be either scams or very expensive. He noted that we need compelling reasons to make this nuisance attack significantly cheaper. When Rubin said that if you get "necromanced" on an earlier RBF'd transaction, you should be relatively happy because it cost you less fees overall, Todd disagreed, saying no, it doesn't.
Updated on: 2023-06-15T03:50:45.245260+00:00