Mempool leak through the eviction policy #31211

issue naumenkogs openend this issue on November 4, 2024
  1. naumenkogs commented at 2:13 pm on November 4, 2024: member

    A spy can see whether a transaction exists in a target node’s mempool before the node INV-announces it (overcoming the trickle protection).

    1. Fill all the inbound slots of the target (up to 117 by default), and make sure your connections are not protected from eviction (e.g., delay block delivery to the target, etc).
    2. Relay txA to the peer from connection CSpy.
    3. Issue more connections to the target (say, 100 more).
    4. If CSpy was not evicted while others were, it’s likely CSpy was protected because it provided a new transaction txA.

    It’s quite hard to pull off due to a lot of noise.

    A potential solution is a rolling window of recent transactions (say 1000) instead of the very recent ones.

  2. willcl-ark added the label Brainstorming on Nov 8, 2024
  3. willcl-ark added the label Privacy on Nov 8, 2024


naumenkogs

Labels
Brainstorming Privacy

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-21 09:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me