Enable sanctions enforcement in Spam Filter Code #29416

issue derekm openend this issue on February 9, 2024
  1. derekm commented at 3:57 pm on February 9, 2024: none

    Please describe the feature you’d like to see added.

    As a miner operating within a sanctions regime, I need to be able to reject transactions and maybe even blocks that contain sanctioned hashes.

    Powerful sanctions regimes provide lists of sanctioned hashes for all major blockchains, including Bitcoin. These hashes end up being incorporated into output script templates that reside on the Bitcoin blockchain, and when these hashes are included, transactions need to be rejected.

    Yes, the problem to be fixed is described in Issue #29137

    Describe the solution you’d like

    Sanctions File

    Sanctions regimes list their sanctioned hashes in standard address formats.

    These hashes can be extracted from official sanctions files into a simple text file of one address per line. (To avoid semantical arguments, this file SHOULD NOT be seen as containing a list of sanctioned addresses; rather, it contains a list of sanctioned hashes that may later on be incorporated into standard output script templates.)

    An example sanctions file extracted from OFAC’s sdn_advanced.xml file is available in @0xB10C’s ofac-sanctioned-digital-currency-addresses repository: https://github.com/0xB10C/ofac-sanctioned-digital-currency-addresses/blob/lists/sanctioned_addresses_XBT.txt

    Command Line Arguments / Configuration File Options

    Proposed command line options:

    • -checksanctions=filename : Enforce sanctions during transaction validation by loading the sanctions search tree from a specified text file (Default filename: sanctions.txt)
    • -sanctionblocks : Enforce sanctions by rejecting new blocks that contain sanctioned transactions

    Runtime Operation

    If I am subject to a sanctions regime, I need to be able to optionally turn on sanctions enforcement. Sanctions need to be enforced when transactions are validated, such as during mempool acceptance, package relay, and possibly block validation (but not initial block download).

    Load sanctions file & populate search tree

    On startup, the sanctions text file is read and the encoded script template hashes are decoded into their byte arrays in accordance with addresstype.{h,cpp} and/or script/solver.{h,cpp}.

    As each sanctioned hash is decoded into its std::vector<unsigned char>, it is added to a trie data structure for efficient matching during transaction validation.

    A ternary search tree that can take std::basic_strings backed by std::vector<unsigned char> is available to the Bitcoin source code via its dependency on Boost: https://www.boost.org/doc/libs/1_84_0/libs/spirit/doc/html/spirit/qi/reference/string/symbols.html

    Reject transactions containing sanctioned hashes

    Any time a sanctions-enforcing node takes in a new transaction or a new inventory of transactions, that node needs to check txin output scripts and txout output scripts for sanctioned hashes.

    Optionally reject sanctioned blocks

    If a particular sanctions regime encompasses enough hash power, then sanctions-enforcing miners can safely orphan blocks containing sanctioned transactions.

    Describe any alternatives you’ve considered

    The exact trie data structure to use for acceptable performance could be evaluated further.

    Please leave any additional context

    Several miners have implemented their own sanctions enforcement mechanisms, with private or unpublished patches going back to as early as 2014. These implementations are neither efficient not economical to maintain. A standard implementation that can be optionally relied upon by miners in sanctions regimes is becoming a necessity.

  2. derekm added the label Feature on Feb 9, 2024
  3. jonatack commented at 4:55 pm on February 9, 2024: contributor
    You are free to add this feature to your own fork of this open source software, but barring unforeseen circumstances, it won’t achieve consensus and be merged in this project. Like your previous issue #29137, this will probably be closed as not planned.
  4. 0xB10C commented at 5:23 pm on February 9, 2024: contributor

    -sanctionblocks : Enforce sanctions by rejecting new blocks that contain sanctioned transactions

    I guess you’re aware that anyone using that would hard fork off of Bitcoin. A few questions for you to consider: What happens when someone is doing IBD with this option enabled? Would they hard fork at the same height as the other nodes on the network? What happens when a part of the network updates their sanctioned list while another part of the network hasn’t yet updated?

  5. achow101 closed this on Feb 9, 2024

  6. bitcoin locked this on Feb 9, 2024

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-09-19 07:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me