[bitcoin-dev] Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"
Undescribed Horrific Abuse, One Victim & Survivor of Many
gmkarl at gmail.com
Fri Oct 20 14:28:12 PDT 2023
On 10/16/23, Matt Morehouse via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> On Mon, Oct 16, 2023 at 7:21 PM Peter Todd via bitcoin-dev
> <bitcoin-dev at lists.linuxfoundation.org> wrote:
>> I think if you want people to understand this exploit, you need to explain
>> in more detail how we have a situation where two different parties can
>> spend the same HTLC txout, without the first party having the right to
>> spend it via their knowledge of the HTLC-preimage.
>
> The two main ways of spending an "offered" HTLC txout:
> 1) With a presigned multisig covenant transaction paying to the
> offerer (a.k.a HTLC-timeout transaction)
> 2) With a preimage and the receiver's signature
>
> Since option 1 uses a presigned covenant held by the offerer, only the
> offerer can spend via that path.
> Since option 2 requires the receiver's signature, only the receiver
> can spend via that path.
>
> The exact script used is here:
> https://github.com/lightning/bolts/blob/master/03-transactions.md#offered-htlc-outputs.
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
More information about the cypherpunks
mailing list