But this is not symmetric analogy.
An attacker may only want to (discretely) jam decentralized exchanges, not (boisterously) bring the entire internet crashing down.
You incorrectly assume some single point of failure. Remember it is decentralized, so the attacker would have to Ddos all the participants all the time. You also incorrectly assume that it will be possible to identify which are specifically DE packets. I have provisions to encapsulate the DE packets with a layer of encryption so they cant be differentiated from other types of traffic. If needed, steganographic techniques could even be used to get the data through. If that doesnt work, there are zero knowledge ways to transmit the DE traffic. So there are quite many levels of defenses that are possible
Sounds like InstantDEX would have an incentive to attack the victim since victim won't bother to apply for 0.13% refund, so victim will try again and thus pay 0.26% fees.
why would InstantDEX want to attack its own users? That seems quite counterproductive. The volumes of an attackfree DE is much more than double one plagued by attacks. Due to the nature of the internet, over time there will be failed transactions, so eventually the users will recoup the fees. There is no permanent gain of fees from failed trades, so it is a liability on the books. There is no gain for InstantDEX to abuse its own customers.
If you refund, then attacker has no cost of jamming, or do you have a way to identify which party was the attacker? How can you differentiate a glitch/slowness in the network from a true jamming attack. What is the attacker DDoS attacks the victim and victim can complete the protocol.
Once things are automated, probably just allow for automated refunds, it is all pretty much at dust levels so the only concern is the customer support time. With an automated system, it wont be any big burden.
The attacker would be the one who is responding to a match offer, so if an address has 1000 failed trades out of 2000, it wouldn be easy to notice that. Worst case, even if the attacker doesnt lose money, they dont gain anything.
An attacker can build reputation before attacking, by trading with himself, i.e. reputation can be Sybil attacked.
I have a reputation system that cannot be sybil attacked, trading with yourself wont do any good. And before you say its not possible, let me say that it is, at least one that will be very expensive for the attacker and that is what it is all about, making the attacks cost more than the expected return.
Sorry I have thought deeply and there is no solution for decentralized exchange. Although I love it ideologically and I was very positive on you doing it, I unfortunately have to conclude that is not viable and should be abandoned. I am trying to help you not waste time on deadends. I invested my effort precisely because I wanted to help you.
Sorry, you are wrong. Maybe it will be the first time this happens? I believe that it is quite difficult to prove a negative, in spite of your claims. While I just need to make it work, and since I have quite a lot of techniques at my disposal, I am very optimistic I will get it to work.
You have no economically viable attack. Just because something is possible, that doesnt mean it is certain to happen, especially when it is economically non-viable. In crypto, the math protects us, so as long as the math yields a negative expected return, it wont attract the money motivated attackers. And if idealogical attackers conduct a permanent attack, I will just have to resort to adding highly leveraged and encrypted comms to make it very cost prohibitive to conduct any large scale attack. It would be a pain to do, but if needed, the DE can be conducted via zero knowledge networking.
I really dont think we can dismiss a project before the real world performance is established. If the failure rate is 90%, of course it wont be used. If the failure rate is 0.1%, then I dont think that will be a large deterrent.
The question is what will the real world failure rate be. I claim that NOBODY is able to predict this ahead of time. I prefer to get a real world results before making any decisions based on theory.
Until there is some significant volume being traded, it seems nonsensical for it to be attacked like that. And by the time there is a significant volume being traded, the more advanced defenses will be ready.
In order for it to fail, either InstantDEX itself would have to attack its own users or there needs to be an attacker from day one who doesnt care about costs, interfering with every single trade AND that I wont be able to devise defenses against this. Defenses can be via reputation system, insurance system, refund system, technically leveraged protections, among others. And all will have to fail with a constant and permanent attacker always interfering with significant numbers of trades.
You really believe this is 100% certain to happen?
James