Question: why do receive blocks require proof of work?

[fallerOfFalls]

I can see great disadvantages to this. A targeted penny spend attack forces the owner of an account to do a load of PoW before they can do anything else. And even with no attack, what if you want to receive many donations? you then have to do loads of PoW. To contrast this with sending: a user sending to many accounts is going to be able to plan for that, and obtain appropriate hardware.

So what does having PoW on the receive side protect against? What attack can be done only with valid receive blocks?

[Dekoze]

It's a valid question, talks about removing the receive pow and doubling the send have been discussed previously but I'm not sure if anything will come of it at this point. Also note you can configure your node to not automatically do pow if the value is under a certain threshold.

[5k1ttl3]

@Dekoze - is this an option in the GUI client or just the rpc node? If the latter, perhaps we should open a feature enhancement ticket?

[Dekoze]

Right now its a setting called "receive_minimum" in config.json. I don't think its currently a setting in the UI so an enhancement proposal sounds good.

[fallerOfFalls]

you can configure your node to not automatically do pow if the value is under a certain threshold.

I'm aware of this. It seems an inelegant solution. The idea of destroying/abandoning currency seems heinous to me. Every raw is sacred. Feel free to call me silly.

[pocesar]

@fallerOfFalls I don't think it's silly. a lot of altcoins depend on BTC sat for surviving. the same goes for raiblocks, even 1 raw is important and that will make the currency able to work on microtransactions in the future.

I guess one way to fix it is to combine many transactions done in a certain time window and generate PoW once for all of them (aka standard BTC blockchain way). but how to determine which ones should go into the PoW is the question, since rai uses UDP and order is not guaranteed, and timestamps can be faked

[triwebb1]

There is no need for PoW on a RECEIVE tx, this requirement should be removed. A bloom filter should be used instead.

Not only would this change mitigate the impact of penny-spend attacks on the target account, but it also reduces the burden placed on services for accepting XRB. Increase SEND PoW difficulty to compensate if needed, but definitely remove the RECEIVE PoW requirement.