On Sat, Jun 03, 2023 at 11:14:27AM +0200, Joost Jager via bitcoin-dev wrote: > Depending on policy to mitigate this annex malleability vector could > mislead developers into believing their transactions are immune to > replacement, when in fact they might not be. This potential misalignment > could result in developers and businesses constructing systems based on > assumptions that could be compromised in the future, mirroring the > situation that unfolded with zero-confirmation payments and rbf. > > It may thus be more prudent to permit the utilization of the annex without > restrictions, inform developers of its inherent risks, and acknowledge that > Bitcoin, in its present state, might not be ideally suited for certain > types of applications?
In the specific case of annex replacement leading to larger transactions, in almost all cases you only care about the annex malleability causing the transaction to take longer to get mined, due to it being larger. The fact the transaction has become larger does not matter if the transaction does in fact get mined, eg due to an out-of-band payment by the "attacker". The only exception is the rare cases where some transaction processing software/hardware has actual limits on transaction size. Eg you could imagine a hardware wallet that simply *can't* process a transaction larger than a certain size due to a lack of RAM. I don't think this is a good rational to make use of the annex standard. Quite the contrary: we should be thinking about if and how to fix annex malleability in a future soft fork. -- https://petertodd.org 'peter'[:-1]@petertodd.org
signature.asc
Description: PGP signature
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
