Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Antoine Riard

Oct 17, 2023/01:11 UTC

The email discusses a situation where two parties can spend the same HTLC (Hash Time Locked Contract) transaction output, even if the first party does not have the right to spend it using their knowledge of the HTLC preimage. The sender is seeking clarification on why this situation exists.

In Lightning Network (LN) commitment transactions, one counterparty, Alice, pledges the HTLC amount to another counterparty, Caroll, in exchange for a preimage and Caroll's signature. If the HTLC is not claimed on-chain by Caroll before the expiration of the HTLC timelock, Alice can claim it back with her signature and the pre-exchanged Caroll signature.

The exploit occurs when Caroll uses her HTLC-preimage transaction to replace Alice's HTLC-timeout after the timelock has expired. This replacement is still considered valid by the consensus rules. There are no mempool policy rules preventing Caroll's HTLC-preimage from being replaced once Alice's HTLC-timeout has been evicted from the mempool.

As a result, the HTLC output does not have any remaining spend candidate for this block. If Caroll successfully repeats this replacement process until an inbound HTLC on another channel owned by Alice expires, the "forward" HTLC can be double-spent.

This vulnerability allows Caroll to spend the HTLC transaction output without having the right to do so based on her knowledge of the HTLC preimage. It highlights a flaw in the current system that needs to be addressed to prevent such double-spending scenarios.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback