Author: Antoine Riard 2022-07-09 15:06:43
Published on: 2022-07-09T15:06:43+00:00
The discussion revolves around the vulnerability of open, p2p coinjoin services to DoS attacks and the different types of attacks that can be launched. One such attack is DoS-by-abstention, which costs less than DoS-by-RBF-optout. However, the latter may be more economically efficient for the attacker, who can reuse the same UTXO many times because the coinjoin coordinator has only limited visibility into the network mempools.

It is acknowledged that a motivated attacker can DoS Wasabi by spending money, and that this is a design choice that has been serving them well so far. However, it is difficult to make any open, p2p coinjoin service robust against deep-pocketed attackers practicing DoS attacks. In such situations, the other users' only practical choice is to double-spend their own input to get their money back, or to wait and hope to win a propagation race somewhere.

The discussion also touches upon the fact that a double-spend attack requires only a laptop and a few UTXOs, and while it may cost a few sats per transaction, that won't be an issue for the governments or competitors that normally perform such attacks. There is a need to mitigate all classes of DoS to prevent malicious coinjoin service providers from outlawing competitions that stay open.

Overall, the discussion highlights the vulnerability of open, p2p coinjoin services to DoS attacks and the need for measures to mitigate these attacks.
Updated on: 2023-06-15T21:53:07.112194+00:00