<articmine> The fee is protection only if the transaction is mined. Which is why it is critical that only transactions that are economic to mine are relayed > <@boog900> otherwise fee/cost to build the tx is the protection

<articmine> This is why the minimum node relay fee was introduced in the first place

<articmine> Also an invalid transaction gets stopped at the first node, and a node that relays invalid transactions gets blocked.

<articmine> The valid but uneconomic transactions are a much greater thread if they get relayed. It is here where the real potential for a DDOS lies

<articmine> Threat

<boog900> @articmine: FWIW this isn't the case currently, they will just get disconnected not banned, but yeah this could be changed.

<boog900> This also requires network addresses be constrained, anyone with a lot of addresses or on an anonymity networks can still DoS

<articmine> Disconnecting is likely enough to frustrate a DDOS

<boog900> some public nodes have over 100 connections, if an attacker made multiple connections they would still be able to DoS the node I think

<boog900> even if they get disconnected after every bad tx

<articmine> As for anonymity networks yes, user POW is an option. I would prefer burning small amounts of XMR as an alternative instead

<articmine> My point is that valid transactions that are not economical to mine are a far greater threat

<articmine> There is a real threat of a DDOS when the transactions are relayed by the nodes.

<boog900> if valid txs that are uneconomical to mine is enough to DDoS then txs that are economical to mine is enough to DDoS.

<boog900> Unmined txs are still spending a key image, which can only be spent once, if you can create enough txs to DDoS nodes with txs that will never be mined then you can do the same with economical txs, right?

<boog900> It does cause a separate issue where txs will be stuck in the pool until they are ejected but it shouldn't be a DoS

<articmine> With economical TXs you actually spend the fee. So it is not the same

<boog900> with uneconomical TXs you are locking your funds until the txs are ejected from the pool

<articmine> Yes but the funds are refunded. On can create massive transactions that lock up miniscule amounts of XMR

<boog900> @articmine: after days though

<boog900> not enough time to create multiple txs for spam

<boog900> you either have enough KIs with XMR to DoS the chain with valid txs, economical or not, or you don't.

if you mine a monero block you can create 2160 outputs :)

though monero-project/research-lab #108 could segregate these so that is not viable

Technically you can mine a 300 KB block consisting only of outputs, that would be around 7600-7700 outputs

or more if you go into penalties? or is that the header limit

More if you go into penalties, but then the individual outputs will get so small you won't be able to spend them

<articmine> sech1: ... but they can be reused to create valid spam transactions in the future

so 108 would be important there to enforce sweep on coinbase, to single output (segmenting coinbase/others)

but they could also just call that for each output they have

unless there's a reasonable fee applied

<articmine> Yes. At the very least 108 should be revisited in the light of FCMP++

<articmine> Especially given that churn is no longer as relevant

funnily, many coinbase inputs -> one output should probably be taxed lower than few inputs -> one output :)

relatively, not absolute

<articmine> If we take out the membership proof it will be taxed lower

<articmine> Much lower as the number of inputs inceeases