Correct the CF fee computation #28
Conversation
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
2 times, most recently
from
03fe4eb
to
7032eac
Compare
Model/utils.py
Outdated
| @@ -7,6 +7,10 @@ | |||
| # Maximum standard transaction size, in virtual bytes | |||
| MAX_TX_SIZE = 100_000 | |||
|
|
|||
| # The maximum sats to decrease from a single fb coin amount to pay for | |||
| # the CF tx fees. | |||
| UNREASONABLE_VALUE_DECREASE = 10_000 | |||
There was a problem hiding this comment.
I would prefer to set this to something much lower, like 100 or 1_000. The refill needs to pay for the CF fees, not the fb coins!!
There was a problem hiding this comment.
Vm coins are, for the majority of time, less than 10,000. For all current cf_outputs distributions Vm coins are the smallest, and I think they should be excluded from paying fees.
There was a problem hiding this comment.
I think we should not have this hack of taking value from the fb coins if this is not negligible (like a few dozens sats)
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
7032eac
to
2bb3185
Compare
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
2bb3185
to
3f7bcf0
Compare
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
3f7bcf0
to
43b7565
Compare
Model/statemachine.py
Outdated
| # If not enough to pay for the fee, slightly reduce the value of each | ||
| # feebump coin. | ||
| # Note the rest of the division is just taken from the fees. | ||
| outputs_decrease = (cf_tx_fee - remainder) // num_outputs |
There was a problem hiding this comment.
Instead of guestimating an UNREASONABLE_VALUE_DECREASE perhaps you could check the amounts for the new outputs. It doesn't make sense to take away from coin amounts without guaranteeing the amount will remain positive and above min_fbcoin_value.
So i'd say, if deducting the amount by outputs_decrease leaves the coin with more than `min_fbcoin_value', its ok. Otherwise, don't deduct yet, try again with new remainder to deduct. Like this:
remainder_to_deduct = cf_tx_fee - remainder
while remainder_to_deduct > 0:
none_deducted = 0
outputs_decrease = remainder_to_deduct // num_outputs
for i in range(len(self.fbcoins)-num_outputs, len(self.fbcoins)):
if self.fbcoins[i]["amount"]-outputs_decrease > self.min_fbcoin_value(block_height):
self.fbcoins[i]["amount"] -= outputs_decrease
remainder_to_deduct -= outputs_decrease
else:
none_deducted += 1
if none_deducted == num_outputs:
raise CfError("Fee cannot be generated by deducting from new outputs")It may still make sense to raise CfError if the outputs is greater than some arbitrary unreasonable value. But I think this approach is safer?
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
2 times, most recently
from
0191764
to
8ad49b0
Compare
|
Phew, Finally! I think this is now in a pretty final state: i squashed #31 here to always compute the CF fee as we go. |
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
8ad49b0
to
6a866d6
Compare
darosior
changed the title
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
6a866d6
to
6c312bc
Compare
We could have happily removed hundreds of thousands of sats from the fb coins. It's much safer (and cleaner) to preemptively compute the CF tx fee to avoid trying to create one we can't afford that we'd then have to use dangerous hacks to pay for. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
darosior
force-pushed
the
refactor_cf_coin_decrease
branch
from
6c312bc
to
3908ba5
Compare
|
|
||
| # Don't create a new set of outputs if we can't pay the fees for it | ||
| if total_to_consume - consumed <= cf_tx_fee: | ||
| break |
There was a problem hiding this comment.
nit: the second break condition is stricter than the first and will always break if the first was to break. So the first isn't necessary?
There was a problem hiding this comment.
Right, bad reflex of working with unsigned integer. It could overflow if this was the case. Here it won't but it's no big deal either
Based on #27.
I at first wanted wanted to refactor this code because the logic was unintuitive, but i actually think it's not reasonable at all. This proposes a new algorithm which will decrease the outputs up to a fixed amount, and fail earlier if we can't pay for the CF fees. We should never create such CF txs.