Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Peter Todd

Oct 16, 2023/19:13 UTC

The email discusses the need for a more detailed explanation of an exploit involving the spending of the same HTLC txout by two different parties. The sender suggests that in order for people to understand the exploit, it is important to provide additional information on how this situation occurs. Specifically, they mention the scenario where the first party does not have the right to spend the HTLC txout based on their knowledge of the HTLC-preimage.

The sender highlights the importance of explaining the mechanics behind this exploit in order to ensure clarity and understanding among readers. They imply that a comprehensive explanation will enable individuals to grasp the intricacies of the situation and its implications.

It is likely that the sender is seeking guidance or assistance in formulating a more detailed explanation of the exploit, possibly for educational or informative purposes. However, without further context or information, it is difficult to ascertain the specific objective or desired outcome of the sender's request.

Overall, the email emphasizes the necessity of providing a thorough explanation of the exploit, addressing the mechanism by which two parties can spend the same HTLC txout without the first party having the authority to do so based on their knowledge of the HTLC-preimage.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback