Skip to content

Commit c449c01

Browse files
NicolasDorierNicolasDorier
committed
Do not allow decrease in absolute fee
1 parent 5491079 commit c449c01

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

bip-0078.mediawiki

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -117,6 +117,7 @@ The payjoin proposal MAY:
117117
118118
The payjoin proposal MUST NOT:
119119
* Shuffle the order of inputs or outputs, the additional outputs or additional inputs must be inserted at a random index.
120+
* Decrease the absolute fee of the original transaction.
120121
121122
===BIP21 payjoin parameters===
122123

@@ -249,6 +250,7 @@ The receiver needs to do some check on the original PSBT before proceeding:
249250

250251
The sender should check the payjoin proposal before signing it to prevent a malicious receiver from stealing money.
251252

253+
* Verify that the absolute fee of the payjoin proposal is equals or higher than the original PSBT.
252254
* If the receiver's BIP21 signalled <code>pjos=0</code>, disable payment output substitution.
253255
* Verify that the transaction version, and the nLockTime are unchanged.
254256
* Check that the sender's inputs' sequence numbers are unchanged.
@@ -529,6 +531,10 @@ public async Task<PSBT> RequestPayjoin(
529531
if (sequences.Count != 1)
530532
throw new PayjoinSenderException("Mixed sequence detected in the proposal");
531533
534+
decimal newFee = proposal.GetFee();
535+
decimal additionalFee = newFee - originalFee;
536+
if (additionalFee < 0)
537+
throw new PayjoinSenderException("The receiver decreased absolute fee");
532538
// For each outputs in the proposal:
533539
foreach (PSBTOutput proposedPSBTOutput in proposal.Outputs)
534540
{
@@ -545,8 +551,6 @@ public async Task<PSBT> RequestPayjoin(
545551
// The amount that was substracted from the output's value is less or equal to maxadditionalfeecontribution
546552
if (actualContribution > optionalParameters.MaxAdditionalFeeContribution)
547553
throw new PayjoinSenderException("The actual contribution is more than maxadditionalfeecontribution");
548-
decimal newFee = proposal.GetFee();
549-
decimal additionalFee = newFee - originalFee;
550554
// Make sure the actual contribution is only paying fee
551555
if (actualContribution > additionalFee)
552556
throw new PayjoinSenderException("The actual contribution is not only paying fee");

0 commit comments

Comments
 (0)