den
May 8, 2019, 8:52pm
1
https://twitter.com/anguschampion/status/1126186844809564161?s=21
One zooko liked ( I still need to figure out his logic in liking some tweets )
Concerning this DoS attack that is being mentioned here too by Peter Todd, could somebody that understand the tech enough explain the gravity / seriousness / implications (or absence … )
of such a bug ?
I admit i have no idea either, but here the link directly to the gifthub:
opened 10:55PM - 02 May 19 UTC
D-economics
I-dos
F-tx-fees
Currently it is relatively easy to deny service simply by submitting many large … transactions. The standard fee of 0.0001 ZEC is not dependent on transaction size, and miners using zcashd's `getblocktemplate` to prioritize transactions will not take size into account for transactions containing JoinSplits or Sapling Spends/Outputs. Note that Sapling Output proofs can be reused for multiple output notes, allowing transactions to be inflated to any desired size at low computational cost. This also increases the effectiveness of the attack for DoS, because legitimate users will have to scan all of those outputs to detect incoming payments. #3229 is a related ticket.
It is unclear whether basing fees on transaction size would be sufficient, but it would help somewhat against non-mining DoS attackers. A mining attacker can already just mine empty (i.e. coinbase-only) blocks.
It is essential that any solution to this problem does not end up charging excessive fees to legitimate users.
kek
May 8, 2019, 9:22pm
3
there’s no way twitter’s good for peoples’ longterm health.
5 Likes
It is essential that any solution to this problem does not end up charging excessive fees to legitimate users. These are real thoughts!