Author

Topic: Thoughts on transaction pool and orphan pool and DOS attack (Read 442 times)

legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Thank you. What happens when it reaches the limit. Drop existing transactions or refuse new coming transactions.
I think although the spams won't affect other transactions, it will somehow interrupt the service of orphan pool.
For each additional orphan transaction newly received, the client will select one random transaction to kick out, IIRC.

Frankly speaking, the orphan pool isn't of too much importance and if anyone were to spam it, the service wouldn't be really affected either. The main transaction pool should be the mempool.
newbie
Activity: 16
Merit: 0
Nearly there. The orphan pools serves primarily those without a parent transaction that can be found in their UTXO. For those transactions, they are stored in a orphan pool with a max transaction size of only 100, if I'm not wrong.
You can't do much with it. Even if you want to spam up to their limits, its fruitless and it won't be relayed to other nodes.

Oooh wait, I found it: https://github.com/bitcoin/bitcoin/blob/3c098a8aa0780009c11b66b1a5d488a928629ebf/src/net_processing.h#L13.

Thank you. What happens when it reaches the limit. Drop existing transactions or refuse new coming transactions.
I think although the spams won't affect other transactions, it will somehow interrupt the service of orphan pool.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
DOS attack: Just simply fake some transactions with randomly generated key pairs, they will pass the validation and fill up the orphan pool(since the nodes cant find the input address).

Am I wrong with the transaction validation mechanism on the node or do I miss other technical details? Because this sounds trivial and no one thought about this?
Nearly there. The orphan pools serves primarily those without a parent transaction that can be found in their UTXO. For those transactions, they are stored in a orphan pool with a max transaction size of only 100, if I'm not wrong.
You can't do much with it. Even if you want to spam up to their limits, its fruitless and it won't be relayed to other nodes.

Oooh wait, I found it: https://github.com/bitcoin/bitcoin/blob/3c098a8aa0780009c11b66b1a5d488a928629ebf/src/net_processing.h#L13.
legendary
Activity: 1078
Merit: 1024
The generated keys won't control any funds. This makes you unable to produce a valid transaction.
newbie
Activity: 16
Merit: 0
Wrong place?
newbie
Activity: 16
Merit: 0
When a node receives a transaction, it first verifies the signature is valid or not. If the transactions pass the validation with a correct signature, they are added to the transaction pool. If a transaction’s inputs refer to a transaction that is not yet known, the orphan transaction will be stored temporarily in the orphan pool.

DOS attack: Just simply fake some transactions with randomly generated key pairs, they will pass the validation and fill up the orphan pool(since the nodes cant find the input address).

Am I wrong with the transaction validation mechanism on the node or do I miss other technical details? Because this sounds trivial and no one thought about this?
Jump to: