
Original | Odaily Planet Daily
Author | Golem
What is RBF
RBF stands for Replace-By-Fee, a mechanism for speeding up Bitcoin transactions. It allows a user to replace an unconfirmed transaction with a new transaction that pays a higher fee. As long as the replacement transaction carries a high enough fee, miners have an incentive to include it in a block.
However, RBF comes with a requirement: the replacement transaction must spend one or more of the same UTXOs as the original transaction as inputs.
Why can RBF be used to attack Bitcoin transactions?
Given this requirement, we generally cannot replace other people's transactions: we cannot obtain their signature authorization, so we cannot spend the UTXOs in their transactions.
However, almost all Bitcoin trading markets use PSBTs (partially signed Bitcoin transactions), and this makes it possible to snipe other people's Bitcoin transactions. Simply put, when listing an asset, the seller privately gives the market a signed authorization. Its content can be understood as "agree to sell the asset when receiving xxx BTC". When a buyer is willing to trade, the market combines the buyer's and the seller's signatures into a complete signed transaction and broadcasts it to the mempool (memory pool).
Once the transaction enters the mempool, the transparency of the Bitcoin network means that the seller's signature is no longer known only to the market but is exposed to everyone. We can therefore obtain the seller's signature authorization and use RBF to construct a higher-fee replacement transaction that completes the snipe, invalidating the original buyer's transaction and leaving all their effort in vain.
How to use RBF to attack Bitcoin transactions
RBF itself is technically complex, and it is difficult for ordinary traders to master. However, sniping tools have been developed that even novices can use. This tutorial uses the sniping tool provided by Magisat as an example.
1. Copy the transaction ID of the transaction to be sniped
Taking Magic Eden as an example, if we want to snipe a Runestone transaction, first open the Runestone transaction interface and click Details.
Then click the transaction ID on the transaction details page below to jump to the mempool.
Finally, copy the transaction ID in the mempool and note the fee rate of this transaction, because the fee rate used when sniping later must be higher than that of the original transaction.
2. Use Magisat platform tools to complete transaction sniping
Magisat is a Bitcoin NFT trading platform that also launched a tool for instant sniping. Click the link below to access the tool:
https://magisat.io/instant-snipe
Then paste the transaction ID you just copied into the search box and click "Submit". The detailed information of the transaction appears below; then click "Buy floor".
When you reach the page for creating a transaction, first set the fee rate as shown below. For a successful snipe, it is usually twice as high as that of the original transaction. Then fill in the Runestone receiving address. Finally, click "Buy listings" to bring up the wallet signature prompt and confirm the transaction.
At this point, if you return to the mempool to view the original transaction, as shown in the figure below, it will show that the transaction has been replaced by a new transaction, and the history of the replaced transaction is also displayed below.
Tip: The examples selected in the above tutorials are just for demonstration and do not target the transactions in the examples.
Currently, this method can be used to snipe Bitcoin NFT and BRC-20 transactions, and Runes assets are expected to be supported soon. Note also that not every snipe succeeds; this depends heavily on miners and mining pools. If the miner or mining pool that mines the next block does not support RBF, then even though you have replaced the transaction, they will still include the original transaction in the block. However, from the perspective of their own interests, it seems inevitable that miners will support RBF in order to earn higher fee income.
How to prevent being sniped
Put yourself in their shoes. If we were the buyer, we certainly wouldn’t want our transaction to be sniped by others. So, is there any way to prevent our transaction from being sniped?
Some readers may think that since sniping essentially relies on RBF, it can be avoided by disabling RBF when signing. However, this does not completely prevent it. Disabling RBF only turns off the use of the RBF function for your own transaction; miners can still include a higher-fee replacement transaction in a block.
Therefore, the only reliable approach at present is to raise the fee when purchasing assets so that the transaction gets into a block as soon as possible, rather than leaving it stuck and giving the sniper enough time to operate. Of course, if you are unlucky, your transaction is still not confirmed after half an hour and you get sniped, you can also follow the above tutorial to counter-snipe.
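A buyer-side check for the situation described above, as an added example (not code from the article or from Magisat): it flags any observed transaction that spends the same UTXO as your pending purchase and tests it against a simplified form of the BIP125 fee rules. The `Tx` structure, the function names, the 1 sat/vB incremental fee rate and all sample transactions are assumptions constructed for illustration.

```python
from dataclasses import dataclass

MAX_BIP125_SEQUENCE = 0xFFFFFFFD  # BIP125: nSequence at or below this opts in to RBF
INCREMENTAL_FEERATE = 1.0         # sat/vB; assumed node policy value, varies by node

@dataclass(frozen=True)
class Tx:                         # hypothetical minimal view of a transaction
    txid: str
    inputs: tuple                 # ((prev_txid, vout, nSequence), ...)
    fee: int                      # satoshis
    vsize: int                    # virtual bytes

    def outpoints(self):
        return {(txid, vout) for txid, vout, _ in self.inputs}

def signals_rbf(tx):
    """True if any input carries the BIP125 opt-in signal."""
    return any(seq <= MAX_BIP125_SEQUENCE for _, _, seq in tx.inputs)

def meets_fee_rules(old, new):
    """Simplified replacement policy: higher feerate, and an absolute fee that
    covers the old fee plus the relay cost of the new transaction."""
    higher_rate = new.fee / new.vsize > old.fee / old.vsize
    return higher_rate and new.fee >= old.fee + INCREMENTAL_FEERATE * new.vsize

def find_conflicts(mine, observed):
    """List observed transactions that spend an outpoint our purchase spends."""
    alerts = []
    for other in observed:
        shared = mine.outpoints() & other.outpoints()
        if shared and other.txid != mine.txid:
            alerts.append({"txid": other.txid, "shared": sorted(shared),
                           "can_replace": meets_fee_rules(mine, other)})
    return alerts

# Constructed sample data: the listed asset sits at LISTING, which every buyer must spend.
LISTING = ("aa" * 32, 0)
MINE = Tx("buyer-tx", ((*LISTING, 0xFFFFFFFF), ("bb" * 32, 1, 0xFFFFFFFF)), 6000, 300)
OBSERVED = [
    MINE,
    Tx("conflict-high", ((*LISTING, 0xFFFFFFFD), ("cc" * 32, 0, 0xFFFFFFFD)), 12600, 300),
    Tx("conflict-low", ((*LISTING, 0xFFFFFFFD), ("dd" * 32, 0, 0xFFFFFFFD)), 6100, 300),
    Tx("unrelated", (("ee" * 32, 0, 0xFFFFFFFF),), 500, 150),
]

if __name__ == "__main__":
    print("our tx signals opt-in RBF:", signals_rbf(MINE))
    for alert in find_conflicts(MINE, OBSERVED):
        print(alert)
```

The sample purchase does not signal RBF, yet the conflict alert still matters for the reason given above: miners can include the higher-fee transaction regardless. An alert with `can_replace` set means the pending purchase needs a fee bump or will likely be displaced.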
Summary
The blockchain is a veritable dark forest, where everyone is a hunter hiding in the dark, waiting for an opportunity to hunt others while worrying about exposing themselves. Using RBF to snipe transactions on Bitcoin is similar to the "sandwich bots" on Ethereum, except that as information gaps narrow and tools emerge, the threshold for sniping Bitcoin transactions has dropped to the point where anyone can do it.
Even if you don't want to snipe other people's transactions as a hunter, you should also master the method to counter-snipe at the critical moment. After all, the best defense is offense.