Batch exchange withdrawal to lightning requires covenants

The email begins with a warning about the risk of "not confirming" due to an unexpected increase in mempool usage. It mentions that there is a possibility for a previous splice transaction that was not confirming to eventually confirm instead of the subsequent splice transaction. This scenario could be specifically targeted and result in a loss of funds if implementations delete the signatures for commitment transactions for the previously-not-confirming splice transaction. The email also points out that the proposed solution violates the idea that a channel should not be spliced again while it is already being spliced.