samourai-dojo
Add a random delay to broadcast scheduled transactions
Assuming I'm reading the code correctly, scheduled transactions are broadcast immediately after a new block is mined.
For example, imagine we had a transaction scheduled for block 3:
| Block height | Time | Transaction broadcast/time |
|---|---|---|
| 1 | +0 minutes | False |
| 2 | +10 minutes | False |
| 3 | +20 minutes | True, at +20 minutes |
| 4 | +30 minutes | False |
An attacker could assume that this transaction might have been scheduled. Compare this to:
| Block height | Time | Transaction broadcast/time |
|---|---|---|
| 1 | +0 minutes | False |
| 2 | +10 minutes | False |
| 3 | +20 minutes | True, at +25 minutes |
| 4 | +30 minutes | False |
Here an attacker could be sure the transaction was not scheduled, as it came between two different blocks (and thus was not triggered by a block being mined).
Adding a random time after the target block (say, 0 seconds to 20 minutes) would prevent an attacker from determining that any transactions broadcast between two blocks were not broadcast by Dojo's implementation of scheduled transactions.
Actually, there's already a random delay of a few seconds between the 2 events:
- delay for propagating the block between the miner and the full node hosted by Dojo (through Tor)
- delay for processing of the block by the tracker
That being said, the addition of a larger random delay (from a few seconds to a couple of minutes) might be a good idea.
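
An added illustration, not part of the issue thread or of Dojo's code: a Node.js sketch of the proposed jitter together with the timing heuristic the issue describes, run over the constructed block times from the tables above. The function names and the 5-second observer window are assumptions made for this example; the 20-minute upper bound is the value suggested in the issue.

```javascript
const crypto = require('crypto');

// Upper bound suggested in the issue (0 seconds to 20 minutes).
const MAX_JITTER_MS = 20 * 60 * 1000;

// Hypothetical helper: choose when to broadcast a scheduled transaction once
// its target block has been seen. crypto.randomInt draws from a CSPRNG, so an
// offset cannot be predicted from earlier broadcasts.
function pickBroadcastTime(blockSeenAtMs, maxJitterMs = MAX_JITTER_MS) {
  const jitter = maxJitterMs > 0 ? crypto.randomInt(0, maxJitterMs + 1) : 0;
  return blockSeenAtMs + jitter;
}

// The observer heuristic from the issue: a transaction first seen within
// windowMs after some block is treated as "probably scheduled".
function looksScheduled(txSeenAtMs, blockTimesMs, windowMs) {
  return blockTimesMs.some(b => txSeenAtMs >= b && txSeenAtMs - b <= windowMs);
}

// Fraction of scheduled broadcasts that the heuristic still flags.
function flaggedFraction(maxJitterMs, windowMs, trials = 2000) {
  // Constructed block times from the issue's tables: +0, +10, +20, +30 min.
  const blocks = [0, 10, 20, 30].map(min => min * 60 * 1000);
  const target = blocks[2]; // transaction scheduled for block 3
  let flagged = 0;
  for (let i = 0; i < trials; i++) {
    const seenAt = pickBroadcastTime(target, maxJitterMs);
    if (looksScheduled(seenAt, blocks, windowMs)) flagged++;
  }
  return flagged / trials;
}

// Assumed observer window of 5 seconds, covering the propagation and
// tracker-processing delays mentioned in the reply.
const WINDOW_MS = 5000;
console.log('flagged without jitter:', flaggedFraction(0, WINDOW_MS));
console.log('flagged with 0-20 min jitter:', flaggedFraction(MAX_JITTER_MS, WINDOW_MS));
```

With no jitter every scheduled broadcast falls inside the observer's window; with the uniform 0 to 20 minute offset only the small share that happens to land just after block 3 or block 4 does.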