Hi Peter, > Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at > best, > some rather insane technical decisions. Quite likely downright malicious with > their xpub collection. Their opinion isn't relevant. Cite reputable sources.
I didn't want this thread to become a wasabi vs samourai debate instead wanted to focus on full-rbf and how it affects different coinjoin implementations. Samourai wallet can be used with [dojo][0] that includes full node and Whirlpool can be used in [sparrow Wallet][1] as well. There are several reasons to not use wasabi and consider their opinion irrelevant. Wasabi has many privacy issues including address reuse and consolidation in a coinjoin tx. They completely lost their reputation after deciding to work with chain analysis firms that help governments for censorship of some UTXOs. Even _nothingmuch_ who has contributed to Wasabi's coinjoin implementation has [no major issues][2] with whirlpool if used properly. Some [tweets][3] in this thread even show their incompetence and major issues with wabisabi. Anyway thanks for responding to other things I mentioned in last email. [0]: https://code.samourai.io/dojo/samourai-dojo [1]: https://sparrowwallet.com/docs/mixing-whirlpool.html [2]: https://twitter.com/search?lang=en&q=whirlpool%20(from%3AmHaGqnOACyFm0h5)&src=typed_query [3]: https://twitter.com/mHaGqnOACyFm0h5/status/1538748210210013184 /dev/fd0 floppy disc guy Sent with Proton Mail secure email. ------- Original Message ------- On Tuesday, January 10th, 2023 at 3:33 PM, Peter Todd <p...@petertodd.org> wrote: > On Tue, Jan 10, 2023 at 09:19:39AM +0000, alicexbt wrote: > > > Hi Peter, > > > > > ## How Full-RBF Mitigates the Double-Spend DoS Attack > > > > > > Modulo tx-pinning, full-rbf mitigates the double-spend DoS attack in a > > > very > > > straightforward way: the low fee transaction is replaced by the higher fee > > > transaction, resulting in the latter getting mined in a reasonable amount > > > of > > > time and the protocol making forward progress. > > > > Asking this question based on a discussion on twitter. How would you get > > extra sats to increase the fees? > > > You're misunderstanding the issue. There is no need for extra sats to increase > fees. Coinjoin transactions already have fees set at a level at which you'd > expect them to be mined in a reasonable amount of time. Full-RBF ensures that, > modulo tx pinning, either the coinjoin gets mined, or any double-spend has to > have a high enough feerate that it will be mined in a reasonable amount of > time > as well. > > > It seems this would be possible with Joinmarket, Wasabi and even joinstr > > although things would get worse for Whirlpool. Whirlpool coinjoin > > transactions do not signal BIP 125 RBF so they were not replaceable earlier > > > Bringing up Whirlpool here is silly. Everyone knows Samourai has made, at > best, > some rather insane technical decisions. Quite likely downright malicious with > their xpub collection. Their opinion isn't relevant. Cite reputable sources. > > Anyway, Wasabi would like to move to making coinjoins opt-in to RBF. Though > full-rbf may come sooner; for technical reasons opt-in RBF is ugly to > implement > now as activation needs to be coordinated accross all clients: > > https://github.com/zkSNACKs/WalletWasabi/issues/9041#issuecomment-1376653020 > > > however attacker would be able to perform DoS attacks now by double > > spending their inputs used in coinjoin. > > > As I explained, attackers can already do this with or without full-rbf simply > by picking the right time to broadcast the double spend. It's not an effective > attack anyway: with a UTXO you can already hold up a coinjoin round by simply > failing to complete stage #2 of the coinjoin. Actually doing a double-spend > simply guarantees that you're spending money on it. It's only effective with > low-fee double-spends in the absence of full-rbf. > > > This tweet is nuts. Eg "Gives well connected mining pools an added advantage" > is simply false. Full-RBF does the exact opposite. > > -- > https://petertodd.org 'peter'[:-1]@petertodd.org _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
