Question: could CPFP lead to exploitation, eg. not including transaction fees if they know the parent will be forced to pay those fees if they ever want to see their money?
If the parent pays 1 sat/vb, and the equally-sized child pays 10 sat/vb, then both as a whole pay the average, 5.5 sat/vb. The child has to take into account the parent's transaction size, and that's why CPFP might be expensive sometimes. If the parent is extremely large in size, as a big consolidation, then the child has to account that.
The formula is demonstrated in here by hosseinimr93:
SA = Size of the unconfirmed transaction
SB = Size of the new transaction (the transaction you will make for doing CPFP)
fA = The fee rate used for the unconfirmed transaction.
fB = The fee rate you should use for the new transaction.
f = the fee rate required for a fast confirmation.
fB = (f*(SA+SB) - SA*fA) / SB
Both transactions' fee rate is:
f = (fB*SB + fA*SB)/(SA + SB).
You can try playing with it in this python program:
fA, fB = 1, 10
sA, sB = PARENT_SIZE, CHILD_SIZE
f = (fB*sB + fA*sA)/(sA + sB)
print(f)
You can change
PARENT_SIZE and
CHILD_SIZE to your values.