Author

Topic: RBF. What are the dangers of making it mandatory for all Transactions? (Read 290 times)

hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
RBF is just a feature to allow unconfirmed transactions to be bumped up through the fees, I don't see any relation between RBF and centralized exchanges because even if by default RBF is enabled by all the nodes as a consensus rule, the centralized exchanges will remain the way they are because they have fixed transactions for withdrawals and that's where they make money as a business.
Yeah, I know that. That's why I said it's a stupid question. Even if all nodes enable RBF, centralized exchange users won't be able to control their Bitcoin. With that stupid question, I would request everyone to move their Bitcoin out of the exchanges. About some other wallets that do not have a coin control feature, what will they do? Unfortunately, no organization can force those wallets to include a coin control feature.

Quote
However, the advantage of the stable fee they collected sometimes favours the users in the sense that if the mempool is full, they pay more than what is expected of you assuming you are the one making the transaction. For instance, the median fee might be 250 sats per vbyte and you may be required to pay $20 but they sometimes suspend transactions when there is congestion, smart move right.
There was a time when Binance was charging 20000 Satoshi for Bitcoin withdrawals, which was around $5 at that time. However, a transaction could have been confirmed with ten sat/vB, and the cost was less than $1. When the mempool started getting busy, Binance raised it to 0.00075 BTC, which is around $33. But, general Bitcoin users can confirm their transaction spending around $10-$15. Of course, it depends on their transaction size and many other factors. But Binance charges $33 for each withdrawal Smiley. Look how profitable it is.
legendary
Activity: 2380
Merit: 5213
I read double spend is possible even the transaction isn't full RBF, so I guess saying double spend occur in full RBF is the disadvantage or danger isn't entirely correct.
There is no such thing as a transaction being full RBF.
Full RBF is a setting for nodes and if that's enabled, they treat all transactions as RBF-enabled.

If you flag your transaction as RBF, almost all nodes would accept the replacement transaction.
If you don't flag your transaction as RBF, only nodes that have enabled full RBF would accept the replacement transaction.  
(This is assuming the fee paid for the replacement transaction is sufficient.)
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
The question is in the title.
I was reading on some other topic on this Board and it got me curious.  Why is RBF not by default for all Transactions on the Blockchain?

I would love to ask a stupid question. What will happen if all transactions are RBF by default? Do centralized exchange users get control over their transactions?  Cheesy Some wallets have to do some work to implement these features. There are a lot of users who use Trust Wallet these days, which gives them the seed phrase! Still, the users do not have options to enable RBF.

RBF is just a feature to allow unconfirmed transactions to be bumped up through the fees, I don't see any relation between RBF and centralized exchanges because even if by default RBF is enabled by all the nodes as a consensus rule, the centralized exchanges will remain the way they are because they have fixed transactions for withdrawals and that's where they make money as a business. However, the advantage of the stable fee they collected sometimes favours the users in the sense that if the mempool is full, they pay more than what is expected of you assuming you are the one making the transaction. For instance, the median fee might be 250 sats per vbyte and you may be required to pay $20 but they sometimes suspend transactions when there is congestion, smart move right.


I think this is about freedom to choose, why not the current service force every user to use bech32 or taproot? there are many services give legacy or P2SH address to deposit. Right now, total funded Bitcoin address in legacy is more higher than bech32.

Do you know one thing about the Bitcoin network, you don't force things because the network is not a one man technology and that is why we don't expect it to have a single point of failure to affect others. Whenever there is a new update, they make sure that the update is backwards compatible in the sense that the new node can download the full update and the old node can maintain the previous updates and still be able to use the new updates. Any new node can still maintain the old code and still be able to use the new code but it is just that some old nodes don't care about upgrades and updates.  In addition, you can't force everyone to abandon the old wallets because if you check the rich list of bitcoin, it's legacy wallets that contains more of the wallet, if you want to force people to used the new wallet, I guess some people might lose access to their bitcoin.
hero member
Activity: 742
Merit: 633
I read double spend is possible even the transaction isn't full RBF, so I guess saying double spend occur in full RBF is the disadvantage or danger isn't entirely correct.

I think this is about freedom to choose, why not the current service force every user to use bech32 or taproot? there are many services give legacy or P2SH address to deposit. Right now, total funded Bitcoin address in legacy is more higher than bech32.

Criticism

Some people believe transaction replacement harms Bitcoin by enabling double spend attacks, where an attacker sends bitcoins, but then replaces that transaction with one taking them back.

However, this criticism does not hold up: double spend attacks are entirely possible without RBF.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
There is no danger in enabling the RBF and since full RBF can be availed, TX that hasn't been broadcasted as RBF can bump fees too but its kind of a pain in the ass, so switch to better wallets that have RBF.
The're risk in enabling RBF but it's minimal hence it should be made know to all that sometimes it can be risky if not confirmed yet.

I am not sure, what do you mean by minimal risk? By implementing a feature that is already available on the recommended wallets but shitty wallets are too lazy to roll over the updates and just keep the users without developing anything.

RBF is something that we can use to increase the fees by rebroadcasting with different signature and it also can be termed as double spend if the outputs altered from the pervious transaction.
hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
The question is in the title.
I was reading on some other topic on this Board and it got me curious.  Why is RBF not by default for all Transactions on the Blockchain?

I would love to ask a stupid question. What will happen if all transactions are RBF by default? Do centralized exchange users get control over their transactions?  Cheesy Some wallets have to do some work to implement these features. There are a lot of users who use Trust Wallet these days, which gives them the seed phrase! Still, the users do not have options to enable RBF.

I don't see any dangers because it will be a great way for Bitcoiners. Currently, the mempool is unrealistic, and sometimes it goes from 100 sat/vB to 150 sat/vB in a few minutes. It takes less than an hour to reach 250 sat/vB. If RBF is enabled in most wallets, users could bump the fee and avoid waiting for ages!
member
Activity: 66
Merit: 5
Eloncoin.org - Mars, here we come!
If I order a product from you and RBF is enabled I can send the payment with a low transaction fee and after some time I received my product from you, I can just go back and replaces the transaction with my own address and send back to myself with a higher transaction fee if the transaction is still unconfirmed hence I have scam you.

True, this is a good example of the dangers of accepting RBF-enabled transactions, but as @hosseinimr93 stated, consider the deal unpaid as long as the transaction of the BTC payment is unconfirmed.  This will save us (sellers) a lot of headaches.

The example I gave there was to let the OP know about the risk in enabling RBF on transactions, now for sure one most not sell without confirming transaction first but sometimes this things happens here people deliver products before payment or payment after delivery. In this cases it risk of rbf can occur.


 
There is no danger in enabling the RBF and since full RBF can be availed, TX that hasn't been broadcasted as RBF can bump fees too but its kind of a pain in the ass, so switch to better wallets that have RBF.
The're risk in enabling RBF but it's minimal hence it should be made know to all that sometimes it can be risky if not confirmed yet.
legendary
Activity: 2982
Merit: 1153
For those who stumbled on this thread and are new to the acronym RBF, it simply means Replace By Fee[1] in Bitcoin terminology, it is an option to change the unconfirmed transaction's transaction fee in order to put the Bitcoin transaction first in the line to be confirmed.

I think the only danger of having RBF enabled in a transaction is double-spending the transaction and sending it to another owned wallet in order to scam the receiver, Having this enabled makes the transaction susceptible to fraud and scams since it can be exploited by bad people.

Other than that, I find RBF helpful especially when we are rushing for the transaction to get confirmed and we paid a little less transaction fee to get on the priority list. 


If I order a product from you and RBF is enabled I can send the payment with a low transaction fee and after some time I received my product from you, I can just go back and replaces the transaction with my own address and send back to myself with a higher transaction fee if the transaction is still unconfirmed hence I have scam you.

True, this is a good example of the dangers of accepting RBF-enabled transactions, but as @hosseinimr93 stated, consider the deal unpaid as long as the transaction of the BTC payment is unconfirmed.  This will save us (sellers) a lot of headaches.


[1] https://trezor.io/learn/a/replace-by-fee-rbf-bitcoin
sr. member
Activity: 476
Merit: 385
Baba God Noni

But this leads me to think that any wallet that does not support basic things like RBF should be avoided.

I think it's just good we say centralised wallets should be avoided in transaction of Bitcoin as they might support other tokens.Well there maybe some that supports RBF but I haven't heard of any , maybe someone does know any he/she can share. Smiley
It is not advisable to use a centralized wallet because you are not in control of your keys and your wallet can be compromised. We heard the recent scam on ledger wallet because it is no longer a self custody wallet. This is why good self custody wallet should have RBF in other to help users use the function to fasten up their transaction due to low transaction fee that was initially used.

Let's take example of the ordinal running in bitcoin blockchain, a wallet without RBF, it means that once your transaction has been broadcast, if the low make miner rejects it, it means that it will just be there for weeks and back to your wallet.
sr. member
Activity: 476
Merit: 299
Learning never stops!

But this leads me to think that any wallet that does not support basic things like RBF should be avoided.

I think it's just good we say centralised wallets should be avoided in transaction of Bitcoin as they might support other tokens.Well there maybe some that supports RBF but I haven't heard of any , maybe someone does know any he/she can share. Smiley
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
Why is RBF not by default for all Transactions on the Blockchain?

Some crappy wallets don't avail all the features that is existing and some of them are even used by many like trust wallets. So the reason is their development team too lethargic and that pictures how their security and bug-fixing will be.

There is no danger in enabling the RBF and since full RBF can be availed, TX that hasn't been broadcasted as RBF can bump fees too but its kind of a pain in the ass, so switch to better wallets that have RBF.
legendary
Activity: 2702
Merit: 4002
From CORE version v24.0 (PR 25610) there is a -mempoolfullrbf startup option. If there is a sufficient number of node and mempool for mining pools enable this option, then I think there will be no need to use wallets that support the RBF flag.

But this leads me to think that any wallet that does not support basic things like RBF should be avoided. Such wallets will not receive a quick response if any vulnerability occurs, and if they are closed source, they may have weak entropy, as happened with some wallets.
sr. member
Activity: 1680
Merit: 379
Top Crypto Casino
The question is in the title.

RBF. What are the dangers of making it mandatory for all Transactions?
Imo, if made mandatory it can be used for fraudulent activities but it also protect people from such situations too.
Let's take an example with you privacyG, let's say want to buy a goods from you and you use Bitcoin as payment method I can scam you with RBF.

If I order a product from you and RBF is enabled I can send the payment with a low transaction fee and after some time I received my product from you, I can just go back and replaces the transaction with my own address and send back to myself with a higher transaction fee if the transaction is still unconfirmed hence I have scam you.

Source


This was the argument used by Bitrefill to oppose the implementation of full-RBF. They were one of the few merchants who accepted 0-confirmation transactions as long as you didn’t have RBF enabled and used a fee which they determined to be sufficiently high. I had also come across merchants using Bitpay allowing 0 confirmations.

Prior to full-RBF it was still risky to accept 0-conf payments because some miners didn’t honor the first seen rule and would accept the higher fee payment regardless of whether RBF was enabled.
full member
Activity: 420
Merit: 120
Regardless of the transaction has been flagged as RBF or not, you should never accept an unconfirmed transaction.

Take note that even non-RBF transactions have been always possible to get invalidated and with full RBF, it's now more risky to accept unconfirmed transactions.
A transaction is only considered as Done/ Completed when it got at least one confirmation.

Any transaction without one confirmation, no matter how high the fee rate it was broadcasted, is considered as not Done yet. Bitcoin blockchain is more secured than bank and bitcoin transactions are irreversible, not like bank transfers but even with bank transfer, you must see a notification of a bank transfer in your account, see it in your balance because complete your side in a trade with a trade partner. Note that bank transfer can be reverted by bank, not like Bitcoin transactions.

Replace by Fee (RBF) written by Bitcoin Optech about RBF, Full-RBF .
Quote
Also covering BIP125, Opt-in Replace-by-Fee, and Full-RBF

Replace-By-Fee (RBF) is a node policy that allows an unconfirmed transaction in a mempool to be replaced with a different transaction that spends at least one of the same inputs and which pays a higher transaction fee.

Different node software can use different RBF rules, so there have been several variations. The most widely-used form of RBF today is BIP125 opt-in RBF as implemented in Bitcoin Core 0.12.0 and subsequent versions; this allows the creator of a transaction to signal that they’re willing to allow it to be replaced by a higher-paying version. An alternative form of RBF is full-RBF that allows any transaction to be replaced whether or not it signals BIP125 replaceability.

BIP125 requires a replacement transaction to pay both higher feerate (BTC/vbyte) and a higher absolute fee (total BTC). This can make multiparty transactions that want to use RBF vulnerable to transaction pinning attacks, and so an occasional discussion topic is proposals to allow RBF to operate solely on a feerate basis.
legendary
Activity: 2534
Merit: 1233
Why is RBF not by default for all Transactions on the Blockchain?
IMO, it was designed to be simple for users.
Enabling RBF by default would introduce additional understanding of it, and many users may not fully understand the implications of RBF and this could lead to confusion and unintentional use of the feature, potentially resulting in issues like double-spending which usually happens when someone commits fraud.

That's why it's always advisable to wait for the transaction until at least 6 confirmations considering is a safe transaction that can't be canceled by bumping fee.  As we can see, not all wallets support RBF, and because developers think this might be misused.
legendary
Activity: 2380
Merit: 5213
If I order a product from you and RBF is enabled I can send the payment with a low transaction fee and after some time I received my product from you, I can just go back and replaces the transaction with my own address and send back to myself with a higher transaction fee if the transaction is still unconfirmed hence I have scam you.
Regardless of the transaction has been flagged as RBF or not, you should never accept an unconfirmed transaction.

Take note that even non-RBF transactions have been always possible to get invalidated and with full RBF, it's now more risky to accept unconfirmed transactions.
member
Activity: 66
Merit: 5
Eloncoin.org - Mars, here we come!
The question is in the title.

RBF. What are the dangers of making it mandatory for all Transactions?
Imo, if made mandatory it can be used for fraudulent activities but it also protect people from such situations too.
Let's take an example with you privacyG, let's say want to buy a goods from you and you use Bitcoin as payment method I can scam you with RBF.

If I order a product from you and RBF is enabled I can send the payment with a low transaction fee and after some time I received my product from you, I can just go back and replaces the transaction with my own address and send back to myself with a higher transaction fee if the transaction is still unconfirmed hence I have scam you.

Source
legendary
Activity: 2380
Merit: 5213
O r if you run your own node and enable it, you will be able to replace any transaction.
Even if you run your node, enable full RBF and broadcast the replacement transaction using your own node, that doesn't guarantee a good propagation of your transaction.
For the replacement transaction to be propagated well, your node needs to be connected to nodes that have enabled full RBF.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
When full RBF has been implemented, it is because full RBF is not enabled by default. A node that will have to support it will have to enable it.

Any transaction can be replaced, if you can find a node that has your transaction in its mempool and that enable full RBF. O r if you run your own node and enable it, you will be able to replace any transaction.
legendary
Activity: 2380
Merit: 5213
There are nodes that have enabled full RBF.
Any node that has enabled full RBF treats all transactions as RBF-enabled and accept the replacement transaction, even if the original transaction has not been flagged as RBF.

Most probably, more and more nodes will enable full RBF in the future.
legendary
Activity: 882
Merit: 1873
Crypto Swap Exchange
The question is in the title.

I was reading on some other topic on this Board and it got me curious.  Why is RBF not by default for all Transactions on the Blockchain?
Jump to: