Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"
Posted by Antoine Riard
Oct 19, 2023/17:22 UTC
In an email conversation between Matt and Antoine, the main topic revolves around a specific mitigation mentioned in an attached paper. Antoine refers to subsection 3.4 of the paper titled "defensive fee-rebroadcasting" and provides a link to the paper on GitHub (https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf).
Antoine highlights that when there is a mempool backlog and the defensive fractional fee HTLC-timeout becomes stuck, it gives an advantage to the attacker. Additionally, Antoine suggests that an attacker can replace-cycle multiple honest HTLC-timeouts with a single malicious HTLC-preimage, paying the absolute fee but only encumbering the RBF penalty. Although he hasn't tested this specific behavior, Antoine mentions that the "fees" math doesn't initially seem advantageous for the defenders.
Overall, the email focuses on the mentioned mitigation strategy and its potential implications in terms of advantages for attackers and disadvantages for defenders. The provided link to the attached paper allows for further exploration of the discussed topic.
TLDR
Join Our Newsletter
We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.
Explore all Products
We'd love to hear your feedback on this project?
Give Feedback