p2p: Slightly more private initial tx relay #15668

pull MarcoFalke wants to merge 1 commits into bitcoin:master from MarcoFalke:1903-p2pSlightlyPrivateTxRelay changing 7 files +128 −28
  1. MarcoFalke commented at 4:34 pm on March 26, 2019: member

    Transactions from the wallet or RPC are sent to all inbound and outbound peers initially. Outbound connections are chosen by us, whereas inbound connections are cheap to initiate, so inbound peers are more likely to be spy nodes in an adversarial setting.

    We can improve the privacy of our initial tx relay by not relaying to inbound peers until some timeout.

    My current implementation is an untested draft looking for conceptual review.

    The idea is to keep a node-specific relay map that is populated (just like the global mapRelay) via the trickle logic. This is required because there is currently no other way in Bitcoin Core to relay without revealing that we were the source of the transaction. In the future this relay mechanism could be replaced by Dandelion or a mechanism to send the transaction over tor.

    The transaction is still added to the mempool, which means an active (tx-creating) attacker could find that we were the source of the transaction in some corner cases. (E.g. They can create descendant txs and trigger a mempool limit). However, it should not be possible to simply request the transaction, since it was only added to a peer specific relay map.

    After some timeout the transaction is pushed to all peers as a fallback.

  2. p2p: Slightly more private tx relay 1e2203b51b
  3. DrahtBot commented at 4:39 pm on March 26, 2019: member

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #15253 (Net: Consistently log outgoing INV messages by Empact)
    • #14032 (Add p2p layer encryption with ECDH/ChaCha20Poly1305 by jonasschnelli)
    • #9381 (Remove CWalletTx merging logic from AddToWallet by ryanofsky)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  4. gmaxwell commented at 4:42 pm on March 26, 2019: contributor

    This is a near perfect distinguisher that lets a network observer tell wallet generated transactions from non-wallet generated transactions. E.g. if you are a spy, also connect in to anyone who connects out to you. Then observe transactions which were announced on the outbound links but are not included in announcements on your links into them.

    Virtually any network behaviour that is different for wallet txn and non-wallet txn results in strong distinguishers.

    The transaction is still added to the mempool, which means an active (tx-creating) attacker could find that we were the source of the transaction in some corner cases. (E.g. They can create descendant txs and trigger a mempool limit). However, it should not be possible to simply request the transaction, since it was only added to a peer specific relay map.

    They don’t need to do anything as elaborate as creating descendant txs, they can just INV the transaction at you to see if you’re aware of it. :)

  5. DrahtBot added the label P2P on Mar 26, 2019
  6. DrahtBot added the label Wallet on Mar 26, 2019
  7. MarcoFalke commented at 5:21 pm on March 26, 2019: member
    Makes sense. And since we already send the inv to outbound peers earlier (PoissonNextSend), the effects of this couldn’t be that large anyway.
  8. MarcoFalke closed this on Mar 26, 2019
  9. MarcoFalke deleted the branch on Mar 26, 2019
  10. DrahtBot locked this on Dec 16, 2021


MarcoFalke DrahtBot gmaxwell

Labels
Wallet P2P

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-21 21:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me