ianduoteli
commented
5 years ago The motivation for limiting maximum transaction fee is to protect against a security vulerability in the anti-theft mechanism.
Consider that an attacker hacks your regular key (but not your recovery key of course). Let's say that you have 1000 coins in your wallet. The attacker creates a transaction from your wallet that sends 100 coins to his wallet and pays 900 coins as fee to the miners.
You find out within 24 hours and create a recovery transaction (with the recovery key). Once an alert is added to a block, the miner fee for this transaction must be paid to the miners. This means your recovery transaction must compensate the miners for the alert fee, so your recovery transaction must include a larger fee than 900 coins.. This means that no matter what you do, you will lose 900 coins due to the hack.
The easiest way to protect against this attack is to limit transaction fee. If transaction fee is limited at 0.1 coins (which is a huge amout btw, consider that BitcoinCore wallet is limited in fee by default to 0.1 BTC), then at most an attacker can cause you to lose 0.1 coins which isn't serious compared to the 1000 coins you have in your wallet.
Concern
This criticism given for the whitepaper relates to the limiting of the maximum transaction fee (section 8 on page 6).
As we know, miners mine to turn a profit. If they can turn a larger profit with little to no effort on their part, they will move their hash power elsewhere. This would cause an undesirable swing in hash power.
Solution
An alternative proposal is as follows:
The main reason that the maximum transaction fee is being implemented at the protocol level is to make things easier on wallet developers. It can be argued that it is for safety as well. The maximum transaction fee should be a suggestion given to wallet developers, but not enforced. This will increase the popularity of Bitcoin Royale among miners, and allow for increased adoption.