Author: Peter Todd 2022-06-27 00:43:35
Published on: 2022-06-27T00:43:35+00:00
A user named alicexbt via bitcoin-dev reported a DoS attack to Antoine, which affects almost all types of coinjoin transactions including coordinator-based implementations. The attack is carried out by broadcasting a double-spend of one's input with low fees and no opt-in RBF signaling. This results in the rejection of multi-party transactions by network mempools. The user also played around with RBF, DoS, and Coinjoin and suggested that affected projects should share their opinion about full-RBF as it might improve things. Furthermore, the user provided an example of a DoS attack on Wasabi, where a participant can broadcast a transaction spending input used in coinjoin after sending signature in the round. This results in a coinjoin transaction that never gets relayed. However, note that Wasabi already has a DoS attack vector where a participant can stop participating after the first phase of the round, resulting in a failed coinjoin. Wasabi mitigates this by punishing participation in future rounds. Double-spends only create additional types of DoS attack that need to be detected and punished as well - they don't create a fundamentally new vulnerability.
Updated on: 2023-06-15T22:01:51.670420+00:00