Playing with full-rbf peers for fun and L2s security



Summary:

In a conversation between Peter Todd and alicexbt, the vulnerability of Wasabi to DoS (denial-of-service) attacks was discussed. According to Todd, an attacker with thousands of UTXOs can DoS rounds by simply failing to complete them. A double-spend DoS attack, by contrast, would require more resources than other types of attacks, because BTC has to be spent on fees for it to succeed. Todd noted that the design choice of being vulnerable to DoS attacks is serving Wasabi well so far.

alicexbt agreed with Todd's points but raised additional concerns about possible punishment for attackers in the case of failed relay transactions during coinjoin rounds. alicexbt also discussed the possibility that the coordinator, users, and attackers each have a different "mempool view", and how attackers could exploit this. Additionally, double-spend attacks require only a few UTXOs and a laptop, which could pose a threat to Wasabi's security. Finally, alicexbt mentioned observing some interesting things and hoped to do a public disclosure soon.


Updated on: 2023-06-15T22:00:14.944666+00:00