Author: Antoine Riard 2022-10-17 22:14:52
Published on: 2022-10-17T22:14:52+00:00
In a recent email on the Bitcoin-dev mailing list, Dario Sneidermanis from Muun wallet raised concerns about the opt-in full-RBF deployment of Bitcoin Core. While the initial opt-in RBF proposal in June had invited voices from merchants and 0conf builders, Muun discovered that zero-conf apps must immediately turn off their zero-conf features when reviewing the latest Bitcoin Core release candidate. This means that they cannot accept on-chain payments from untrusted parties without waiting for confirmation. Sneidermanis explains how zero-conf apps work and the risk analysis involved in accepting payments without confirmation. However, full-RBF adoption works on three different layers - the transaction application layer, the transaction relaying layer, and the transaction mining layer. An application cannot control whether a replacement to an incoming transaction is relayed via full-RBF, leaving it vulnerable to attacks from miners and anyone with an easy-to-use interface.Other issues that need fixing include mental models for unconfirmed incoming transactions and block explorers as payment receipts, which are currently not supported by most explorers. Muun has to transition from using zero-conf submarine swaps to using payment channels, affecting over 100k monthly active users. While the bitcoin user of tomorrow may expect both 0conf and Lightning, Antoine notes that relying only on first-seen and lack of RBF as a solo ground to estimate the safety of an incoming transaction isn't that robust in a distributed system like the p2p network. Building management risks framework on top, as additional security layers sound a far more compelling approach from a developer perspective. He also believes that saying RBF causes more problems than it resolves sounds hard to hold as a line. The ability to replace-by-fee previous bids and have them propagating well on the network is fundamental for LN security, and time-sensitive transactions must be included before a given height to ensure funds' safety.
Updated on: 2023-06-16T01:03:53.931225+00:00