Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Peter Todd

Oct 20, 2023/11:03 UTC

The email discusses the concept of increasing the multiplier in fee bumping. The sender clarifies that increasing the multiplier refers to starting with a smaller multiplier at the beginning of the range and ending with a bigger one. For example, fee increases pre-signed for a range like 1.1, 1.2, 1.4, 1.8, 2.6, 4.2, 7.4, etc. This approach utilizes most of the range for smaller bumps as a percentage, while larger percentage bumps are reserved for the end where the strategy changes to something more "scorched-earth".

The idea is to apply this concept properly to commitment transactions, which may result in the removal of HTLCs when their value drops below the fees necessary to get those outputs mined. Additionally, the sender mentions that simultaneous variants of transactions can be signed, deducting fees from different party's outputs. In other words, Alice can give Bob the ability to broadcast higher and higher fee transactions, taking the fees from Bob's output(s), and Bob can give Alice the same ability, taking the fees from Alice's output(s).

The sender acknowledges that they haven't thought through how this would work with musig, but it can certainly be done with plain old OP_CheckMultisig. They also include a link to Peter Todd's website, petertodd.org, for further reference.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback