My concern isn’t over any particular feature of Grin, Bitcoin, or any other blockchain. Rather, it is about the ability of an attacker to deny service to a participant once they see the Revoke transaction posted. Maybe this is a small concern, such as an attack with the ability to fully shutdown a person’s internet acces, or otherwise prevent them from posting the Refund #2 transaction. Maybe this works by flooding the mempool, maybe its shutting off the power grid, maybe its RCE on Alice’s machine that prevents broadcast.
There are numerous scenarios where an attack could DoS a participant between the Revoke and Timeout transaction.
I hadn’t considered that scenario. Need to think about the tradeoffs more, and possible solutions. With relative timelocks, Alice would seemingly be at a total loss by waiting for Bob to post Timeout, and trying to also post Refund #2. The Timeout would be seen first by miners, and if Alice posts Refund #2 she reveals her nonce. Refund #2 will be seen as invalid (no Grin back to Alice), Bob will recover her nonce, and they will race to recover the Bitcoin transaction.
With absolute timelocks, the situation seems similar, but the race between Refund #2 and Timeout is closer. The consensus rules would allow whichever tx is seen first, as long as the timelock has passed.
Maybe I’m misunderstanding something still?