Skip to content

p2p: improve TxOrphanage denial of service bounds #109

New issue
New issue
Closed
Closed
p2p: improve TxOrphanage denial of service bounds#109
Labels
followupThis is a possible follow-up someone can work onmultiple followupswaiting on pr mergeThere is currently a PR that is open that will close this follow-up
@kevkevinpal

Description

@kevkevinpal
kevkevinpal
opened on Jul 18, 2025

mentioned in: bitcoin#31829

"> As soon as the victim package is spotted, the attacker sends their own "honest"-yet-evil cpfp packages, 404kWU total, at mempool minfee. The FIFO behavior kicks in, and the victim's child is dropped from orphanage.

I think @mzumsande made this point a few months ago as well - we don't have many guarantees if new orphans arrive much faster than we can process them. An attacker would need to pay fees for real transactions so that other peers are also sending these transactions. TLDR you could end up dropping transactions simply because the traffic is beyond the size of each peer's buffer.

Higher limits would help here (noted on 5-10x). But also, it seems like a good followup to assign different limits for outbounds vs inbounds? It seems advantageous for outbounds to take much longer to forget orphans." - glozow

Metadata

Metadata

Assignees

No one assigned

    Labels

    followupThis is a possible follow-up someone can work onmultiple followupswaiting on pr mergeThere is currently a PR that is open that will close this follow-up

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions