TLDR

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Matt Morehouse

Oct 16, 2023/22:10 UTC

The email discusses two main ways of spending an "offered" HTLC txout. The first option involves a presigned multisig covenant transaction that pays to the offerer, also known as the HTLC-timeout transaction. This option can only be spent by the offerer since they hold the presigned covenant. The second option requires a preimage and the receiver's signature, and can only be spent by the receiver.

To understand the exact script used for these options, a link is provided to the GitHub repository: https://github.com/lightning/bolts/blob/master/03-transactions.mdoffered-htlc-outputs.

In summary, the email explains the two methods of spending an "offered" HTLC txout and provides a link to the specific script used for reference.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Antoine Riard

Oct 16, 2023 /16:57 UTC

Antoine Riard

Oct 16, 2023 /16:57 UTC

Peter Todd

Oct 16, 2023 /19:13 UTC

Matt Morehouse

Oct 16, 2023 /22:10 UTC

Olaoluwa Osuntokun

Oct 16, 2023 /22:51 UTC

Olaoluwa Osuntokun

Oct 16, 2023 /22:51 UTC

Antoine Riard

Oct 17, 2023 /01:11 UTC

ziggie

Oct 17, 2023 /07:21 UTC

ziggie

Oct 17, 2023 /07:21 UTC

ZmnSCPxj

Oct 17, 2023 /10:34 UTC

ZmnSCPxj

Oct 17, 2023 /10:34 UTC

Antoine Riard

Oct 17, 2023 /17:47 UTC

Antoine Riard

Oct 17, 2023 /17:47 UTC

Antoine Riard

Oct 17, 2023 /18:34 UTC

Antoine Riard

Oct 17, 2023 /18:34 UTC

Antoine Riard

Oct 17, 2023 /18:47 UTC

Antoine Riard

Oct 17, 2023 /18:47 UTC

Matt Corallo

Oct 18, 2023 /00:17 UTC

Matt Corallo

Oct 18, 2023 /00:17 UTC

Antoine Riard

Oct 18, 2023 /02:57 UTC

Antoine Riard

Oct 18, 2023 /02:57 UTC

Bastien TEINTURIER

Oct 19, 2023 /08:12 UTC

Bastien TEINTURIER

Oct 19, 2023 /08:12 UTC

Matt Morehouse

Oct 19, 2023 /16:23 UTC

Matt Morehouse

Oct 19, 2023 /16:23 UTC

Antoine Riard

Oct 19, 2023 /17:22 UTC

Antoine Riard

Oct 19, 2023 /17:22 UTC

Matt Morehouse

Oct 19, 2023 /17:53 UTC

Matt Morehouse

Oct 19, 2023 /17:53 UTC

Matt Corallo

Oct 19, 2023 /18:02 UTC

Matt Corallo

Oct 19, 2023 /18:02 UTC

Antoine Riard

Oct 19, 2023 /19:33 UTC

Antoine Riard

Oct 19, 2023 /19:33 UTC

Antoine Riard

Oct 20, 2023 /06:56 UTC

Antoine Riard

Oct 20, 2023 /06:56 UTC

Peter Todd

Oct 20, 2023 /10:31 UTC

Peter Todd

Oct 20, 2023 /10:31 UTC

Peter Todd

Oct 20, 2023 /10:47 UTC

Peter Todd

Oct 20, 2023 /11:03 UTC

Peter Todd

Oct 20, 2023 /11:03 UTC

Jochen Hoenicke

Oct 20, 2023 /11:18 UTC

Matt Morehouse

Oct 20, 2023 /18:35 UTC

Matt Morehouse

Oct 20, 2023 /18:35 UTC

Matt Corallo

Oct 20, 2023 /21:05 UTC

Matt Corallo

Oct 20, 2023 /21:05 UTC

Peter Todd

Oct 21, 2023 /00:15 UTC

Peter Todd

Oct 21, 2023 /00:15 UTC

Olaoluwa Osuntokun

Oct 21, 2023 /00:18 UTC

Olaoluwa Osuntokun

Oct 21, 2023 /00:18 UTC

Matt Corallo

Oct 21, 2023 /01:03 UTC

Matt Corallo

Oct 21, 2023 /01:03 UTC

Peter Todd

Oct 21, 2023 /01:25 UTC

Peter Todd

Oct 21, 2023 /01:25 UTC

Matt Corallo

Oct 21, 2023 /01:55 UTC

Matt Corallo

Oct 21, 2023 /01:55 UTC

Peter Todd

Oct 21, 2023 /02:43 UTC

Peter Todd

Oct 21, 2023 /02:43 UTC

Nagaev Boris

Oct 21, 2023 /14:21 UTC

Antoine Riard

Oct 21, 2023 /20:05 UTC

Antoine Riard

Oct 21, 2023 /20:05 UTC

Nadav Ivgi

Oct 22, 2023 /04:49 UTC

Nadav Ivgi

Oct 22, 2023 /04:49 UTC

David A. Harding

Oct 23, 2023 /08:49 UTC

David A. Harding

Oct 23, 2023 /08:49 UTC

Matt Corallo

Oct 23, 2023 /16:09 UTC

Matt Corallo

Oct 23, 2023 /16:09 UTC

Peter Todd

Oct 27, 2023 /00:43 UTC

Peter Todd

Oct 27, 2023 /00:43 UTC

Antoine Riard

Nov 2, 2023 /04:46 UTC

Antoine Riard

Nov 17, 2023 /22:36 UTC

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

Built with 🧡 by the Bitcoin Dev Project

View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback