New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: Psbt fee checks #2064
Feature: Psbt fee checks #2064
Conversation
0e26d11
to
c3f8301
Compare
c3f8301
to
63f500e
Compare
I have learned to live with those rust-analyzer errors. Also interested in seeing if anyone else has a solution for those. |
63f500e looks good to me, except that I think we should simply drop the "fee ratio" stuff. The network doesn't respect any sort of value-to-fee ratio. It's also not obvious which direction this ratio goes, nor how the "value" is determined in a multi-output transaction, so I think people are likely to use this incorrectly. Though if we were to have such a thing, I agree that "fees are 10x the value" is a good starting point.. |
I think this is the biggest issue. Since "fee rate" is a concept that 99 out of 100 devs will understand without much explanation, but this new "fee ratio" concept being I myself had to run some scripts on a local indexed set of transactions and got medians, means, and distributions of fee ratio before I came to the conclusion of 10x being high enough to reduce false positives. Going back to genesis, in general people sent larger BTC amounts (when you include change, even moreso) and fees were usually fixed at 0.0001 BTC until around 2017. So fee ratio averaged out to about 0.03 ish. In more recent times, there's a lot more variance, but the median is still around 0.1 and the mean is around 0.3 (meaning if the sum of outputs is 0.1 BTC, your fee is 0.03 BTC) When I looked into outliers, I found that 10.0 and above tend to jump up to 90.0, 120.0, etc. (I think the famous over-pay from the other day was a fee ratio of about 150.0) and there were not a lot of instances of txes in the 10.0 - 50.0 range. That said, I think that maybe this can be fixed with better documentation. The point of this new code is not to represent some sort of network phenomena, but rather to prevent fat-fingered sends of large fees (usually stemming from forgetting / clobbering the change output somehow). I am still open to removing the fee ratio part, but I'd like to hear some other opinions about it before I remove it. |
63f500e
to
0723d88
Compare
If this is, as stated, just fat-finger protection then I don't think we need the added complexity of a fee ration - just pick a sane default for the max fee rate. |
48497be
to
d25d0da
Compare
|
ceaf0cb
to
2e22a99
Compare
Removed the new internal functions and instead use the existing |
2e22a99
to
7f6980e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 7f6980e
Any comments on #2064 (comment) this?
vs
Considering sat/vByte is the accepted unit right now..... I think using the latter would be better. Thoughts? |
I have very little preference, but agree that "sat/vbyte" is probably better and more familiar. I'd also like to stick a |
7f6980e
to
a64c3ad
Compare
I was reviewing while you force pushed so I might have commented on old state. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK a64c3ad -- though @tcharding's comments all sound reasonable to me.
a64c3ad
to
488a7c6
Compare
I'm going to add tests later today. |
Maybe tomorrow. heh. |
488a7c6
to
dac627c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK dac627c
Looking good man, can you re-write the PR description please (since there is not a descriptive commit log on the patch we are relying on the PR description for context on this work). |
Updated the main post. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK dac627c
FWIW I rekon this is ok to go in before release although it is not explicitly mentioned in the release tracking discussion. |
Closes #2061
These new methods on Psbt will add checks for high fees by default. The threshold for "high fees" is currently set to 25000 sat/vbyte, which is about 20x higher than the highest next block fees seen on the "Mempool" website.
The primary goal of this change is to prevent users of the library from accidentally sending absurd amounts of fees.
(ie. Recently in September 2023 there was a transaction that sent an absurd amount of fees and made news in the Bitcoin world. Luckily the mining pool gave it back, but some might not be so lucky.)
There are variants of the method that allow for users to set their own "absurd" threshold using a
FeeRate
value. And there is a method that performs no checks, and the method name is alarming enough to draw attention in a review, so at least developers will be aware of the concept.