On Mon, Nov 13, 2023 at 02:18:16AM +, Antoine Riard wrote:
> Your two latest mails.
>
> > The problem that OP_Expire aims to solve is the fact that Carol could
> prevent
> > Bob from learning about the preimage in time, while still getting a
> chance to
> > use the preimage herself. OP_Expire
Your two latest mails.
> The problem that OP_Expire aims to solve is the fact that Carol could
prevent
> Bob from learning about the preimage in time, while still getting a
chance to
> use the preimage herself. OP_Expire thoroughly solves that problem by
ensuring
> that the preimage is either
On Wed, Nov 08, 2023 at 12:51:31AM +, Peter Todd via bitcoin-dev wrote:
> > In a post-package relay world, I think this is possible. And that
> > replacement cycling attacks are breaking future dynamic fee-bumping of
> > pre-signed transactions concerns me a lot.
>
> Well the answer here is
On Mon, Nov 06, 2023 at 06:45:21PM +, Antoine Riard wrote:
> > I think you are misunderstanding a key point to my OP_Expire proposal:
> because
> > the ability to spend the preimage branch of the HTLC goes away when the
> refund
> > branch becomes available, replacing cycling or any similar
> I think you are misunderstanding a key point to my OP_Expire proposal:
because
> the ability to spend the preimage branch of the HTLC goes away when the
refund
> branch becomes available, replacing cycling or any similar technique
becomes
> entirely irrelevant.
> The situation where Carol
On Fri, Nov 03, 2023 at 05:25:24AM +, Antoine Riard wrote:
> > To be clear, are you talking about anchor channels or non-anchor channels?
> > Because in anchor channels, all outputs other than the anchor outputs
> provided
> > for fee bumping can't be spent until the commitment transaction is
> The idea with package relay is that commitment transaction fees will
> be zero and that fees will always be paid via CPFP on the anchor
> output.
Yes, even if multiple commitment transactions are pre-signed with a RBF
range of more than zero, an attacker can always select the lowest fees
> To be clear, are you talking about anchor channels or non-anchor channels?
> Because in anchor channels, all outputs other than the anchor outputs
provided
> for fee bumping can't be spent until the commitment transaction is mined,
which
> means RBF/CPFP isn't relevant.
I think the distinction
On Thu, Nov 2, 2023 at 6:27 AM Peter Todd via bitcoin-dev
wrote:
>
> On Thu, Nov 02, 2023 at 05:24:36AM +, Antoine Riard wrote:
> > Hi Peter,
> >
> > > So, why can't we make the HTLC-preimage path expire? Traditionally, we've
> > tried
> > > to ensure that transactions - once valid - remain
Hi Peter,
> So, why can't we make the HTLC-preimage path expire? Traditionally, we've
tried
> to ensure that transactions - once valid - remain valid forever. We do
this
> because we don't want transactions to become impossible to mine in the
event of
> a large reorganization.
I don't know if
On Thu, Nov 02, 2023 at 05:24:36AM +, Antoine Riard wrote:
> Hi Peter,
>
> > So, why can't we make the HTLC-preimage path expire? Traditionally, we've
> tried
> > to ensure that transactions - once valid - remain valid forever. We do
> this
> > because we don't want transactions to become
> By redefining a bit of the nVersion field, eg the most significant bit, we
> can apply coinbase-like txout handling to arbitrary transactions.
We already have that in OP_CHECKSEQUENCEVERIFY. You can have a system with no
coinbase transactions at all, and use only OP_CHECKSEQUENCEVERIFY on
On Fri, Oct 20, 2023 at 10:58:32PM -1000, David A. Harding wrote:
> On 2023-10-20 14:09, Peter Todd via bitcoin-dev wrote:
> > The basic problem here is after the HTLC-timeout path becomes spendable,
> > the
> > HTLC-preimage path remains spendable. That's bad, because in this case
> > we want
> >
On 2023-10-20 14:09, Peter Todd via bitcoin-dev wrote:
The basic problem here is after the HTLC-timeout path becomes
spendable, the
HTLC-preimage path remains spendable. That's bad, because in this case
we want
spending the HTLC-preimage - if possible - to have an urgency attached
to it to
On Mon, Oct 16, 2023 at 05:57:36PM +0100, Antoine Riard via bitcoin-dev wrote:
> Here enter a replacement cycling attack. A malicious channel counterparty
> can broadcast its HTLC-preimage transaction with a higher absolute fee and
> higher feerate than the honest HTLC-timeout of the victim
15 matches
Mail list logo
