Grin-Bitcoin Adaptor Signature Atomic Swap update thread

OK, I understand now what you mean, thanks for clarifying. Aside from the mempool fee issues we discussed, I don’t think there’s much that can be done. Perhaps communicating over Tor will make targeted attacks less likely? This problem seems inherent to any protocol that requires a participant to interact with the p2p network within a certain period of time.

“Seen first” is a propagation rule, not a consensus rule. It’s generally unsafe to make security assumptions based on propagation rules. If Alice talks to miners directly, and offers them a fee to mine her tx instead of Bob’s, then she gains the upper hand. Her nonce/secret won’t be revealed to Bob until her Grin tx is confirmed, and if she’s lucky enough to get a confirmation on the BTC tx before her Grin tx confirms, she will in fact walk away with all the coins.

I’m not sure if the non-interactive aggregation properties of Grin may make out-of-band transaction replacement harder (I suspect Alice can help miners to undo the aggregation of Bob’s tx, seeing as she knows the tx?), but ultimately this still doesn’t guarantee the attack won’t occur.

1 Like