Add a -permitbarepubkey option
#29309
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
Concept ACK. For me it's a good idea to already have code to do it, once merged we can discuss a default activation. |
|
Concept ACK.
There is, it gives node runners choice. |
|
Concept ACK, it's great to give users the option of filtering out potentially abusive txs 👍 |
There was a problem hiding this comment.
tACK vostrnad@8c1114a
Steps to test:
- Build vostrnad branch
- Start a regtest with
-chain=regtest - Create a wallet with
bitcoin-cli createwallet - Get address with
bitcoin-cli getnewaddress - Generate blocks to get bitcoins
generatetoaddress 500 <address obtained previously> - Create a P2PK tx, this repository can be useful to you.
- Test if the tx is accepted with
bitcoin-cli testmempoolaccept '["<RAW tx>"]'
Result obtained in my case with -permitbarepubkey=0:
[
{
"txid": "03c1140befa500e1809f5fa6950a45516f651a2e88fe252ac6c9fec393c68f11",
"wtxid": "03c1140befa500e1809f5fa6950a45516f651a2e88fe252ac6c9fec393c68f11",
"allowed": false,
"reject-reason": "bare-pubkey"
}
]
There was a problem hiding this comment.
Concept ACK
Problems of P2PK:
Security Risk: Directly exposing the public key poses a risk if cryptographic standards change or are compromised.Pubkey is invariably exposed at the spent time for all the transaction types. This is not a problem limited to P2PK.Larger Transaction Size: P2PK transactions are larger due to the inclusion of full public keys, leading to higher transaction fees.The difference becomes insignificant after the usage of compressed Pubkey as the standard.Privacy Concerns: Exposing public keys can compromise user privacy by allowing easier linkage of transactions.
Considering the flaws of P2PK and the fact that it has almost been phased out from usage (https://transactionfee.info/charts/inputs-and-outputs-p2pk/?start=2019-01-01) I think it's a good idea to default to not relaying P2PK transaction. And I believe this PR is a good first step in doing that.
Code-wise, the PR looks great, and I think it’s a good idea to go forth with test implementation for it.
Edit: Removed the Problems with the P2PK section in light of the following discussion. 1, 2, 3
| @@ -635,6 +635,8 @@ void SetupServerArgs(ArgsManager& argsman) | |||
| MAX_OP_RETURN_RELAY), | |||
| ArgsManager::ALLOW_ANY, OptionsCategory::NODE_RELAY); | |||
| argsman.AddArg("-mempoolfullrbf", strprintf("Accept transaction replace-by-fee without requiring replaceability signaling (default: %u)", DEFAULT_MEMPOOL_FULL_RBF), ArgsManager::ALLOW_ANY, OptionsCategory::NODE_RELAY); | |||
| argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, | |||
There was a problem hiding this comment.
nit: Should we mention P2PK here?
| argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, | |
| argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey (P2PK) outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, |
|
@shaavan The section "Problems of P2PK" seems completely wrong to me:
There are problems with P2PK, just not these ones. Did you perhaps use ChatGPT to generate this section? |
|
Thanks, @vostrnad, for pointing out the potential flaws in my review. Yes, I did use ChatGPT to structure my thoughts on the “problems with P2PK” in a coherent fashion, but I don’t believe the points are wrong. Taking references from, Programming Bitcoin, Jimmy Song https://github.com/jimmysong/programmingbitcoin/blob/master/ch06.asciidoc#problems-with-p2pk
Reference:
Reference:
I would love to hear your thoughts on it. Any points of correction on my understanding of the problem are very appreciated. |
If you have any other questions, please post them to Bitcoin Stack Exchange (where I'll gladly respond). GitHub comments are meant for discussing the code change at hand, not for asking general Bitcoin questions. Lastly, I would like to ask you not to use ChatGPT for writing pull request reviews. If I want to know what it'll hallucinate when asked for a review, I can ask it myself. |
|
Thanks, @vostrnad, for helping me bring clarity to my understanding. I understand that my points were made based on my limited knowledge surrounding the discussions around P2TR. And also, I made an incorrect point in my explanation. I have struck the “Problems of P2PK” section to avoid confusion for future reviewers. Lastly, though I might sometimes use ChatGPT to get better clarity on concepts or coherently express my thoughts, I will make sure to properly fact-check it before using any information when writing a review to ensure its quality. Thank you again. |
| /** Default for -permitbarepubkey */ | ||
| static constexpr bool DEFAULT_PERMIT_BAREPUBKEY{true}; |
This comment was marked as abuse.
This comment was marked as abuse.
Sorry, something went wrong.
|
@shaavan Also note ChatGPT output is not necessary clear of copyright issues, so should never be included directly. |
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
ffc6c0b to
1dfe27e
Compare
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
|
🐙 This pull request conflicts with the target branch and needs rebase. |
|
Why closing this? @vostrnad |
|
@Retropex I've rebased this enough times already for something I don't really think should be merged. Also I suspect anyone interested in this option has already switched to Knots anyway (which has it implemented). |
|
Hmm, odd choice to leave out even the ability to filter out potentially abusive txs. But sure, I guess we've started a process where Knots is the client that gives users a choice over what to relay, whereas Core just forces them to relay certain things even if they don't want to. Seems like a confusing path for Core to want to head down, but maybe mempool policy should be unbundled from the rest of the consensus code anyway. |
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
Partially fixes #29285 (adds the option but leaves the default policy unchanged)
No tests so far, if there's consensus to move forward with this I'll look into adding them.
Disclaimer: I don't care if this gets merged, personally I don't see any benefit of having this option (or
-permitbaremultisig) and I would object to changing the default policy in this regard (similar to my objections to #28217). However, as I think someone would inevitably open a PR for this, I thought this might be a good opportunity to dip my toes into Bitcoin Core development.