New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correct the CF fee computation #28
Conversation
03fe4eb
to
7032eac
Compare
Model/utils.py
Outdated
@@ -7,6 +7,10 @@ | |||
# Maximum standard transaction size, in virtual bytes | |||
MAX_TX_SIZE = 100_000 | |||
|
|||
# The maximum sats to decrease from a single fb coin amount to pay for | |||
# the CF tx fees. | |||
UNREASONABLE_VALUE_DECREASE = 10_000 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer to set this to something much lower, like 100
or 1_000
. The refill needs to pay for the CF fees, not the fb coins!!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should not have this hack of taking value from the fb coins if this is not negligible (like a few dozens sats)
7032eac
to
2bb3185
Compare
2bb3185
to
3f7bcf0
Compare
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
3f7bcf0
to
43b7565
Compare
Model/statemachine.py
Outdated
# If not enough to pay for the fee, slightly reduce the value of each | ||
# feebump coin. | ||
# Note the rest of the division is just taken from the fees. | ||
outputs_decrease = (cf_tx_fee - remainder) // num_outputs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of guestimating an UNREASONABLE_VALUE_DECREASE
perhaps you could check the amounts for the new outputs. It doesn't make sense to take away from coin amounts without guaranteeing the amount will remain positive and above min_fbcoin_value
.
So i'd say, if deducting the amount by outputs_decrease leaves the coin with more than `min_fbcoin_value', its ok. Otherwise, don't deduct yet, try again with new remainder to deduct. Like this:
remainder_to_deduct = cf_tx_fee - remainder
while remainder_to_deduct > 0:
none_deducted = 0
outputs_decrease = remainder_to_deduct // num_outputs
for i in range(len(self.fbcoins)-num_outputs, len(self.fbcoins)):
if self.fbcoins[i]["amount"]-outputs_decrease > self.min_fbcoin_value(block_height):
self.fbcoins[i]["amount"] -= outputs_decrease
remainder_to_deduct -= outputs_decrease
else:
none_deducted += 1
if none_deducted == num_outputs:
raise CfError("Fee cannot be generated by deducting from new outputs")
It may still make sense to raise CfError if the outputs is greater than some arbitrary unreasonable value. But I think this approach is safer?
0191764
to
8ad49b0
Compare
Phew, Finally! I think this is now in a pretty final state: i squashed #31 here to always compute the CF fee as we go. |
8ad49b0
to
6a866d6
Compare
6a866d6
to
6c312bc
Compare
We could have happily removed hundreds of thousands of sats from the fb coins. It's much safer (and cleaner) to preemptively compute the CF tx fee to avoid trying to create one we can't afford that we'd then have to use dangerous hacks to pay for. Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
6c312bc
to
3908ba5
Compare
|
||
# Don't create a new set of outputs if we can't pay the fees for it | ||
if total_to_consume - consumed <= cf_tx_fee: | ||
break |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: the second break condition is stricter than the first and will always break if the first was to break. So the first isn't necessary?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, bad reflex of working with unsigned integer. It could overflow if this was the case. Here it won't but it's no big deal either
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack 3908ba5
Based on #27.
I at first wanted wanted to refactor this code because the logic was unintuitive, but i actually think it's not reasonable at all. This proposes a new algorithm which will decrease the outputs up to a fixed amount, and fail earlier if we can't pay for the CF fees. We should never create such CF txs.