mempool – What’s wrong with the recent “one-shot fee rate replacement” proposal?

TL;DR: Due to the two sets of asymmetric rotation rules, a total of 5 transactions is enough to create a rotation cycle that beats each other. This allows an attacker to rebroadcast the same transaction over and over again, paying for at most one small transaction per block.

There are 2 confirmed UTXOs. C1 and C2. Let’s say 20s/vB is the bottom of the first block.

1. Generate large, low-fee transactions. tx_LL 1 second/vB to 100,000 vB (fee: 100,000 seconds). Consumes confirmed output. C1 And here is the output tx_LL:0.
2. Attach small, low-fee transactions. tx_LS As a child using 100vB at 1s/vB (fee: 100s) tx_LL:0.

3. you rbf tx_LS With high-cost transactions C2 and tx_LL:0 In a new deal tx_HS. tx_HS It has 5000vB and pays 21s/vB, but it consumes output at the upper end of the lower rate, so its mining score is only 1.95s/vB.

4. you rbf tx_LL and tx_HS with tx_LM You have 100,000 vB and pay 3.05 s/vB (fee: 305,000 s) using the output. C1 and C2. This is acceptable. tx_LL Because it is a direct conflict tx_HS You don’t have to win it yourself.

5. Replace using the new RBFr rules. tx_LM Small, high-fee transactions tx_RBFr With 100vB you pay and spend 20s/vB (fee: 2000s). C2 And make it the top block of the mempool. tx_LM It was not scheduled to be in the next block, tx_RBFr Pay more than 1.25 times the commission. tx_LM. So this is allowed under the new rules.

6. Then rebroadcast it. tx_LL and tx_LS because C1 No more spending.

7. Replace both immediately. tx_LS and tx_RBFr with tx_HS. tx_HS It has a commission rate of 21s/vB, which is higher than: tx_RBFr (20s/vB) and tx_LS (1s/vB) and pays more absolute fees than both (105,000s vs 2000s + 100s). But because it’s that child’s child tx_LL The mining score is only 1.95s/vB.

Repeat 4.~7. The idea is to cycle through every node in the network with the same five transactions ad nauseam. Rolling the lock time or sequence so that the transaction has a new TXID at each iteration while using the same UTXO. The only transactions at risk of being mined are: tx_RBFr Cost is 2000 seconds. If it is included in the block, re-initiate the newly confirmed UTXO into your account. c2'.