# Gavin Andresen
# 2013-01-09 16:17:56
# https://bitcointalk.org/index.php?topic=135388.msg1444006#msg1444006

Yes, please do a proof-of-concept on testnet. @p{par}

I suspect this code in CTransaction::GetMinFee() makes the attacks either slower or more expensive than you estimate because fees increase for transactions larger than 250Kbytes: @p{par}


Code:
    // Raise the price as the block approaches full                                                                                               @p{brk}
    if (nBlockSize != 1 && nNewBlockSize @s{gt}= MAX_BLOCK_SIZE_GEN/2) @p{brk}
    { @p{brk}
        if (nNewBlockSize @s{gt}= MAX_BLOCK_SIZE_GEN) @p{brk}
            return MAX_MONEY; @p{brk}
        nMinFee *= MAX_BLOCK_SIZE_GEN / (MAX_BLOCK_SIZE_GEN - nNewBlockSize); @p{brk}
    } @p{brk}

 @p{brk}
I don't think these vulnerabilities are serious enough to warrant Official CVE Numbers, because I think if we create CVE numbers for every expensive-to-mount, easy-to-recover-from DoS vulnerability we will be denial-of-service-ing the attention span of users, and they might start ignoring warnings. @p{brk}