Add server-side check for insanely high fees. #63
Conversation
coinjoin/coinjoin.go
Outdated
| @@ -219,6 +219,11 @@ func feeForSerializeSize(relayFeePerKb int64, txSerializeSize int) int64 { | |||
| return fee | |||
| } | |||
|
|
|||
| func paysHighFees(relayFeePerKb, fee int64, txSerializeSize int) bool { | |||
| maxFee := feeForSerializeSize(50*relayFeePerKb, txSerializeSize) | |||
There was a problem hiding this comment.
This value (50x over the standard fee rate) may need tweaking. This same function in dcrwallet defines high fees as paying over 1000x the standard rate.
We need to be cautious setting this too low, because it may disrupt the mixes at the lowest common denomination used for change mixing, as those transactions do not produce any change outputs.
There was a problem hiding this comment.
After doing the math I believe this check should be for anything paying 104x or more than the required fee.
The lowest common denomination is 0.00262144, and the required fee to be contributed is 0.00002530.
0.00262144 / 0.00002530 = 103.6
So paying up to 103x can actually occur normally. But 104x or more indicates a problem.
There was a problem hiding this comment.
Or 121 because the required fee without the change output is actually lower (0.0000217).
0.00262144 / 0.0000217 = 120.8
Goal is to prevent a situation like decred/dcrwallet#2000 from happening again even if users are running the buggy client code. While here, the fee calculation is fixed to consider the cost of input scripts to redeem P2PKH outputs. Even if this is not the case, minimum fee requirements in dcrd use the same assumption.
Goal is to prevent a situation like decred/dcrwallet#2000 from
happening again even if users are running the buggy client code.