<articmine> For a 128 input tx with a 2s POW it does; however different people are saying very different things, such as applying PoWER to all TXs. > <@boog900> @articmine:monero.social: does this answer why it is not realistic that tx creators will go directly to miners

<articmine> I am at a loss as to what exactly is this supposed to deter. A single bad tx or a flood.

<articmine> If it is per connection does this mean over 3 min of POW at 2 sec per connection for 100 connections?

<articmine> Requiring this for only TXs with more than 8 inputs was a reasonable compromise until people started pushing this for all TXs

<articmine> tevador: It is not if it is only applied to greater than 8 inputs

<boog900> By applying PoWER to all txs I meant to relay any tx over p2p you need to do a 1 time PoW per connection. I suggested this after I realised we need to make PoW opt-out for P2P as we can't rely on people to opt in, so most nodes are going to be doing the PoW anyway.

<boog900> > If it is per connection does this mean over 3 min of POW at 2 sec per connection for 100 connections?

<boog900> yes although the PoW is only computed for outbound tx-relay connections only. You don't need that many connections for tx relay, and the PoW could be half that.

<boog900> For wallets/RPC the 8 input without PoW is going to be the same

<articmine> @boog900: So to be clear if I set up a full relay Monero node, and I am not the first node relaying a greater than 8 input transaction do I have to perform the POW?

<boog900> @articmine: yeah not for that specific tx tho, for any outbound connections which you want to send txs to

<articmine> You mean any tx including relay from other nodes

<boog900> yes

<boog900> you pay a 1 time PoW per connection for all txs you send, the other node has no way to know if you made the tx or not

<articmine> Since the POW is not tied to the TX

<boog900> yeah otherwise it would be PoW per tx

<articmine> PoW per TX for over 8 inputs is a far better solution

<boog900> @articmine: what should a node do when the PoW runs our

<boog900> out*

<boog900> for per tx it needs a deadline as otherwise you can build up the PoW

<boog900> if I have a full tx-pool of txs that have PoW that has run out I can't send them to anyone without doing the PoW myself

<articmine> Why would the PoW run out. Because the TXs did not pay a fee that allows for scaling?

<boog900> no it needs a very short deadline to prevent building up PoW over a long time

<articmine> Like how long?

<boog900> 10 blocks

<boog900> was the original proposal

<boog900> you can't scale that fast

<articmine> You need at least 50 blocks

<boog900> exactly but that is more time to build up PoW

<boog900> but now another issue what I send out a load of txs with almost ran out PoW

<boog900> now you have to deal with this, do you drop them or do you do the PoW

<boog900> or do you keep them in the pool

<boog900> without being able to send them anywhere

<boog900> also with PoW per tx you can reuse the PoW across multiple connections

<boog900> amplifying your attack

<articmine> The node can choose to drop them or do the PoW.

<articmine> The creator of the TX could choose the amount of PoW to do

<boog900> nice those are the 2 options yes

<articmine> @boog900: Yes this is an issue.

<boog900> you need to pick one for the node to do though

<boog900> if you drop them you make it easy to do tx-pool double spends, something a lot of people are against

<boog900> if you do PoW you open a DoS vector

<boog900> @articmine: hence we are doing PoW per connection

<articmine> Which opens another avenue for attack. Nodes in Canada attacking Nodes in Australia in January

<articmine> Back to the heat issue

<boog900> we can't keep going back to this

<articmine> Did the Canadian node drop the connections because of malice or a legitimate network issue

<boog900> outbound connections only

<articmine> We cannot ignore heat when considering POW

<boog900> dropped connections would not cause a DoS

<boog900> only doing PoW, then sending a bad tx

<boog900> getting yourself banned

<boog900> in an ideal world but the ban is not currently the case

<articmine> It is a different attack. Force Nodes in hot climates is do the POS

<boog900> @articmine: that would 100% be a DoS, how?

<articmine> To

<boog900> outbound connections only, you can't force that without owning a lot of the address space and becoming a sybil, an already known attack.

<boog900> as long as you have some good connections eventually you'll stop connecting to bad ones

<boog900> @boog900: eclipse*

<articmine> Because the nodes in the hot climates have a significantly higher cost for the POW electricity wise while the Nodes in the cold climates have effectively no cost for the electricity

<boog900> yeah but that is not the how you make them do PoW

<articmine> They need to reconnect

<boog900> the node makes its connections you can't force it to do more work

<boog900> @articmine: exactly you need to node to repeatedly choose to connect to your node

<boog900> the argument against hot/cold is not relevant here

<articmine> Over TOR how do they know

<boog900> it might be cheaper in theory to attack in Canada doesn't make it suddenly feasible

<boog900> on normal hardware*

<articmine> But as I said before how can the hot node know if the dropped connection is malicious or not

<boog900> @articmine: 1. you know the outbound address you connect to.

<boog900> 2. eclipse attacks are a lot easier on Tor

<boog900> @articmine: it doesn't matter if it doesn't try that node again

<articmine> but the hot node cannot determine malice

<boog900> @articmine: why does it need to?

<articmine> If a node is punished for something outside of the node's operator's control, it is fair to say that is centralization

<boog900> @articmine: where is there anything about punishment?

<boog900> @boog900: ^

<articmine> It does

<boog900> explain

<articmine> The node is effectively being blacklisted

<articmine> So it is punishment

<boog900> "doesn't try that node again" just means doesn't immediately try reconnect

<boog900> I meant as long as another node is chosen immediately after

<articmine> Define immediately

<boog900> the next connect attempt

<boog900> to fulfill the outbound connection count

<articmine> From the cold node

<boog900> no PoW is only done on outbound connections

<boog900> I only do PoW if I made the connection

<boog900> otherwise I check it on people connecting to me

<articmine> Doesn't this lead to a passive aggressive attack. Do the POW on 12 nodes. Wait for say 100 more nodes to connect. Then attack

<boog900> @articmine: yeah but thats not really a DoS, those nodes will check the tx, see its invalid and disconnect

<articmine> After doing the POW

<boog900> yeah, so ~2s wasted per connection

<boog900> per bad outbound

<boog900> 1s PoW + 1s bad tx

<articmine> More like 200 seconds over 100 nodes

<boog900> yeah not nearly at the levels you would be able to reach without it

<articmine> For the price of 24 seconds at -40

<articmine> C or F

<boog900> what?

<boog900> no

<articmine> 2 sec per node

<boog900> these are outbound connections, you have to wait for nodes to connect to you

<articmine> 100 nodes

<boog900> you get not advantage being in the cold

<articmine> 1 bad TX

<boog900> yes then they disconnect and ban your node for sending them a bad tx and connect to someone else

<boog900> I really thought we were getting somewhere 😭

<articmine> Yes you do. Cold is always an adventure with POW

<boog900> THERE IS NO POW FOR INBOUND CONNECTIONS

<boog900> YOU ONLY VERIFY THE ONES CONNECTING TO YOU

<articmine> I know

<boog900> no advantage for running a node listening for connections in Canada like you just sadi

<articmine> The POW for the first 12 connections is free

<articmine> Cold

<boog900> you don't need to do PoW at all for them

<boog900> as you don't need to do tx relay with them

<boog900> you just need to get your address into the network

<articmine> Just for the first 12. Then you listen

<boog900> @boog900: ^

<boog900> no advantage

<boog900> even so 12 connections worth of PoW ain't heating a house

<articmine> The is always an advantage with cold. Even if it is 1 connection

<boog900> ITS ZERO

<articmine> No

<articmine> It is not zero

<boog900> why?

<boog900> ok lets move on

<boog900> you have made my node do 2 seconds worth of work, now what?

<boog900> you are now banned

<articmine> Because the electricity is effectively free, if one is also heating the space

<articmine> I make 100 nodes do 2 seconds of work each

<articmine> Then I have a "power failure"

<articmine> Should I be banned?

<boog900> ok my node does not ban you as you did not send a bad tx (which would cause a ban) I just choose to connect to someone else

<articmine> ... and so do the other 99 nodes

<boog900> yeah exactly like the current protocol

<boog900> you are not banned

<boog900> you are not isolated your outbound connections still work

<boog900> you will get more inbound

<articmine> So an honest node in a hot climate can minimize the impact of the POW by only making very few outbound connections while an honest node in a cold climate goes crazy with outbound connections in order to support the network

<articmine> Both can end up with 100+ connections

<boog900> @articmine: well define very few, I would say the current default is fine. Also only tx-relay connection you can have more block relay with no PoW

<articmine> Sure 12 vs 100

<boog900> but like we already don't need nodes with 100 outbound connections

<boog900> anyway, you accept (albeit reluctantly) the proposal now?

<articmine> I have 5GBPS of symmetrical Internet at home here.

<articmine> Not everyone does

<boog900> @articmine: don't worry there is a proposal for that too!

<boog900> tx-realy v2 already in progress

<articmine> Like?

<articmine> I will accept the proposal

<boog900> @articmine: monero-project/monero #9334

<articmine> Yes that does deserve praise

<boog900> also 0xFFFC0000 & everyone reviewing their PR: monero-project/monero #9933

<articmine> It is critical for scaling.

<articmine> Tx Relay v2

<articmine> What is the gain. With respect to total data relays vs TX size?

<articmine> For a given Tx

<boog900> if you just look at a single tx going over 1 connection to a node which hasn't seen the tx before it is actually a ~100 byte increase

<boog900> but to a node which has seen the tx it is a constant 32 byte cost no matter the tx

<boog900> where as currently both cases require you send the full tx

<articmine> ... and the baseline is the mined transaction

<articmine> That is the 5Mbs

<articmine> So we go from an additional 15Mbs to an additional 7Mbs

<articmine> 20Mbps to 12Mbps in total

<boog900> @articmine: In the tests 0xFF did for that PR yes although I did get a better saving from just looking at the raw tx data in my proposal issue

<articmine> What I am getting at is:If I send a 10000byte transaction what is the total bandwidth spent by the average node on that transaction including the transaction in a mined block

<articmine> It comes down to comparing the sanity median to low typical and high residential bandwidth

<boog900> The average node should only need to send the full tx once so one full send plus 32 times the number of connections

<articmine> This includes the mined block?

<boog900> Nah mined blocks is a completely different system and is already covered by fluffy blocks

<articmine> So with say 100 connections it is 13200 bytes or a factor of 1.32

<articmine> That is great