Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Olaoluwa Osuntokun

Oct 16, 2023/22:51 UTC

In the email, the sender expresses gratitude to Antoine for their write-up and diligence in reporting an issue to various implementations. They also mention the collaboration on mitigations and attack scenarios. There is a clarification that all relevant mitigations were implemented in lnd v0.16.1-beta, which was released on April 24th, 2023 [1]. However, there have been some performance regressions due to these mitigations, specifically related to mempool watching. To address this, in version 0.17.1, they plan to use the new gettxspendingprevout RPC call with bitcoind to further reduce load.

[1] Link: (not provided)

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback