Author: Antoine Riard 2022-06-17 01:34:17
Published on: 2022-06-17T01:34:17+00:00
Antoine Riard, a Bitcoin developer, has submitted a patch for Bitcoin Core enabling it to turn on full-replace-by-fee (RBF) as a policy. The move is aimed at fixing a denial-of-service (DoS) vector that can be played against the funding flow of multi-party funded transactions, such as coinjoins, dual-funded Lightning Network channels, and on-chain discrete log contracts. The lack of an existent full-RBF transaction-relay topology on today's p2p network makes these constructions vulnerable to attack.In a recent pull request, Antoine argued in favor of adding support for full-replace-by-fee (full-rbf) in Bitcoin Core to address concerns about the security of multi-party funded transactions. He pointed out that the lack of existent full-rbf transaction-relay topology on today's p2p network makes these constructions vulnerable to a low-fruit, naive DoS vector.However, alicexbt questioned the approach and raised some important questions regarding the security of policies that can be changed without breaking consensus rules and the potential impact of a partial full-rbf deployment. Antoine responded by stating that Lightning node software relies on far more software and hardware components than the transaction-relay p2p network.Moreover, he believes that assuming there is a significant number of economically rational entities running p2p nodes, it's reasonable to expect that a policy maximizing miner's income and economic nodes operations will be widely run on the p2p network and lay its security model on that. He also acknowledged that current Lightning still lacks understanding of what should be figured out in the LN user manual for safe operations and that full-rbf is far from solving all the known set of problems affecting the L2s due to interactions with network mempools.Regarding alicexbt's concern about the lack of basic options in Bitcoin Core to employ/disable different RBF policies, Antoine stated that developers are also Bitcoin users, and they're modifying the software to suit their use-case needs. He also suggested that instead of selecting a full-node to underpin any serious Bitcoin infrastructure or secure a significant stack of coins, it's far less costly to implement and review a few lines of codes in Bitcoin Core.In conclusion, Antoine argued that a partial full-rbf deployment is necessary to solve a real precise security issue affecting multi-party funded transactions. While alicexbt expressed support for full-rbf, they disagreed with the notion that full-rbf will solve all problems and suggested that users try Bitcoin Knots instead, which already has an option to disable all RBF policies if required. Developers should provide basic RBF policy options rather than attempting to define what constitutes a good policy and removing the ability to disable something when necessary.
Updated on: 2023-06-15T21:56:31.043867+00:00