I haven't seen this argument for RBF/full-RBF being discussed:
An attacker sends a tx (T) to a merchant and at the same time sends a double-spend tx (D) to the rest of the network, hoping that D will prevail, except on the target node.
If T is not replaceable, the merchant will not become aware of D until D is mined.
1/n
If T is replaceable, the merchant can wait X seconds before sending the good or service. If no double spend has happened within X seconds, they can be pretty sure that this particular attack isn't being pulled off.
Has this been brought up as an advantage for RBF/fullRBF before? I'm looking for links to such discussions?
2/n
A typical attack that utilizes RBF is to send the replacement transaction right after the good or service is delivered. This makes for a window of failure for the attacker. The longer delivery takes, the higher the risk of attack failure. The merchant can thus wait X seconds before delivery, to somewhat deter attempts at this attack.
With the attack descibed above, if D is successfully propagated to miners, there is no risk of failure if T isn't replaceable. So the problem boils down to how to get D to miners, before the merchant's node propagates T to said miners. On the other hand if T is replaceable, the merchant will become aware of D within the time of normal transaction propagation.
@pete @harding any thoughts on this?
4/4
@kalle @harding The simultaneous payment attack is one really good reason why so few merchants accept unconfirmed payments. It has been exploited before and people have lost a ton of money due to it. You can't realistically stop it without the aid of a centralized payment provider that sybil attacks the network to monitor propagation.
BTCPay actually turned on full-rbf recently, because you might as well: https://github.com/btcpayserver/btcpayserver-docker/pull/736
@pete
Oh, that last part was a really good point. Thanks!
@harding