I am relaying a privacy issue for Bitcoin Core that was reported on r/Bitcoin (Reddit).

The message was:

• Using coin control
• Custom change address

When one clicks the increase transaction fee button, it adds another input rather than increasing the fee by reducing the change output. Major privacy leak since you have no control of the input used.

From that it sounds like the observed behavior is that the replacement transaction includes an additional UTXO that was not chosen by the user, even though the transaction was composed as a Coin Control transaction.

So I'm assuming the expected behavior would be for Bitcoin Core to remember that this OUTPUT was actually a Custom Change Address and to then lower the amount of that OUTPUT by the amount needed for the fee bump.

And, now that I am thinking of this, isn't there the expectation that if my initial transaction was done using Coin Control, and then if my fee bump (RBF) needs another UTXO input to cover the increase in fee, that Coin Selection for that will occur (regardless of whether or not the change address was a Custom Change Address)?