Date
25 April, 2023
Speakers
Transcript by
Slides: https://docs.google.com/presentation/d/12YPlmmaCiNNL83b3FDmYwa7FKHP7yD0krzkEzM-tkTM
Bad for users who want to use CPFP and L2s, but also a glaring limitation in our ability to assess transaction incentive compatibility
pinning attack: a censorship attack on relay/mempool level, abusing policy
package: any list of transactions that can be represented as a connected DAG
ancestor package: a package of 1 tx and its (unconfirmed) ancestors
Descendant package: (fill in from slides)
Package relay: relaying and validating packages together
Sender-initiated: a node proactively announces packages they think their peers should download and validate together
Receiver-initiated: nodes can request packages when they recognize they're missing something
ancpkginfo
provides a transaction's ancestorsgetpkgtxns
allows the receiver to request any subset of the announced txsShould there be a limit on the number of transactions in getpkgtxns? Should there be a limit on the number of transactions in ancpkginfo?
pkgtxns
should use the same order as getpkgtxns
ancpkginfo
SHOULD sort topologically and include all unconfirmed ancestors and the tx itself.
However we cannot enforce this without matching chainstate.
The combined hash is lexicographic, so the same set of transactinos will always have the same identifier
sendpackages
should perhaps specify how big an ancestor package would get accepted
alternatively, it should be left up to the receiver to deal with ancestor packages that are too large.
Looking for a different term for pchCommand
Q: How far is the pullrequest?
A: Tracking issue: https://github.com/bitcoin/bitcoin/issues/27463 some of the earlier pieces are opened as PRs. persisting ancestor sets over restarts, p2p messages to negotiate package relay, handling orphans more reliably. There are about 5 more functional milestones to the whole project. One or two milestones per release seems reasonable.
Orphan handling should be made more robust, e.g. we request parent information from any peer that announced an orphan, and prefer outbound peers as the source.
Q: Could the P2P changes maybe all be activated on Signet together for testing?
A: Yes, there is a branch with the whole implementation already. Unclear who needs it for testing, signet has a workaround (pseudo ephemeral anchors uses prioritisetransaction) in the absence of package relay.
Mempool, Validation, Policy could be opened for merging in parallel to Orphan handling since different reviewers would be required.
The activation of the package relay feature would set a config option to default false which only would get set to true at the end of the last milestone.
Q: How does this interact with V3?
A: V3 would follow the activation of package relay.
Going into the Milestones:
"Don’t allow anything below min relay feerate (#26933)" was merged today. We generally don’t allow transactions with an individual feerate below minRelayTxFee, but V3 will permit 0-fee txs as the parent, and CPFP can be used to get past the dynamic mempool minimum feerate.
"Persist CPFP’d transactinos across restarts (#27476)" Loading mempool.dat does not enforce minimum feerate on loading, but afterwards trims the mempool to the permitted size.
TrimToSize()
Idea 1: only protect one package per peer, or have a huge potential upper limit
Idea 2: Hard limit globally to a number of bytes, when you go over limit, evict things from peer that has sent more than 2*maxTxSize
Idea 3: Token bucket per peer to limit exposure to bad packages
Idea 2 gets the most positive feedback.
Add TxPackageTracker
Interface vision. This will be more interesting to discuss when looking at the code.
Rejection Caching
We need to continue downloading ancestor package information because someone could give you invalid information that could be superseded by correct information. However, by keeping track of what we have gotten before, we would notice when we are offered the same invalid package or something that depends on something that was relayed previously.
Community-maintained archive to unlocking knowledge from technical bitcoin transcripts