Author: Greg Sanders 2022-06-27 12:03:38
Published on: 2022-06-27T12:03:38+00:00
In a recent discussion on the bitcoin-dev mailing list, a user named Alice brought up the issue of denial-of-service (DoS) attacks affecting almost all types of coinjoin transactions, including coordinator-based implementations. She provided an example of a DoS attack where an attacker broadcasts a double-spend of their own input with a low fee and no opt-in replace-by-fee signal, causing a rejection of a multi-party transaction by the network mempools. Another user named Peter Todd pointed out that punishing someone based on mempool behavior is much more difficult, as there is no "the mempool". Todd also noted that Wasabi already has a DoS attack vector in which a participant can stop participating after the first phase of the round, resulting in the failure of the coinjoin. However, Wasabi mitigates this by punishing participation in future rounds. Todd suggested that properly detecting and punishing additional types of DoS attacks caused by double-spends is necessary but does not create a fundamentally new vulnerability.
Updated on: 2023-06-15T21:59:20.355345+00:00