[littlecranky67]

You have to consider the network-level forwarding, not only the crypto. The noderunners could role out a new version that uses whatever heuristics to identify transactions that are likely from an attacker. If transaction aren't forwarded, they don't end up in the mempool and thus not in the blockchain. And yes, then the attacker might try to manipulate those heuristics and filter etc. It would become a cat-and-mouse game, but as long as the "good guys" act faster than the attack adapts, there is a good chance a big number of coins can be secured. It is not an all-or-nothing game.

[nehan]

The point is you can't distinguish transactions that are from an "attacker" when the underlying signature scheme is broken. The Bitcoin P2P network has some metrics to disconnect from nodes that might be trying to DoS you, but if a transaction has enough fees, is spending unspent coins, and has a valid signature, it's valid.

[littlecranky67]

I did say heuristics, not valid/invalid. You can do all sorts of analytics upon receiving a transaction, and then decide to forward or drop the transaction based on that heuristics. Valid/Invalid could become the minimum requirement for a transaction to be forwarded.

[nehan]

I can't think of heuristics available on the Bitcoin P2P network that would be helpful for this, but I'm curious if you have any in mind.