Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Antoine Riard

Oct 17, 2023/18:47 UTC

In the email, the sender mentions a previous discussion about conducting experiments before disclosing information. They express their willingness to set up a "black box" Lightning infrastructure on the mainnet to explore vulnerabilities and mitigations. However, they point out that the number of Lightning experts with the necessary knowledge and understanding to participate in these experiments is limited to those listed on the disclosure emails. Additionally, there were other pending non-disclosed security issues at the time, such as the "fake channel DoS vector" revealed on August 23, 2023, which prevented them from conducting the experiments.

Please note that this summary has been extracted from the email without any reference to the context or phrases introducing the information.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback