[bisq-network/proposals] Using PoW for the P2P network messages as dos protection (#268)

[chimp1984]

@mpolavieja Curious about more details about your ideas!

The direction goes really into the off-chain trade protocol. 

So to summarize:
- For small amounts we can remove the main security features of Bisq (multisig and deposit) and use other features instead.
- The account age signing can be used as a kind of scarce resource
- Offers of such sellers will not need any BTC funds (no trade fee, no deposit, no trade amount lockup).
- To avoid spam pow can be used
- BSQ bonds might be used for additional security 
- In case of scam of the seller the buyer might be able to do a bank chargeback
- For instant payment methods we could reduce risk by repeated small payments in LN. For onchain BTC miner fee might be too high to break it down for too many txs. A payment channel protocol for only publishing last tx would help. But doing manually many repeated steps sucks, and automating would reduce payment methods to those very few which offer APIs. 

Open questions:
- How many parallel trades/offers are considered safe? Losing a signed account might be acceptable if potential gain from a scam is big enough. Similar for BSQ bonds. Tracking exposure from parallel trades is the hard problem in the off chain trade protocol... 
- Relying on bank chargeback option feels like a weak and dangerous dependency
- How does Bisq get trade fees from both traders if trade is done completely outside Bisq (e.g. LN, off chain)?
- Should that be only be supported for sell offers or also for buy offers? Buyer still has to send first for those offers.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/268#issuecomment-734518944
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20201126/0747122f/attachment.htm>