Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Peter Todd

Oct 20, 2023/10:47 UTC

The email raises a concern about the explanation provided regarding the expiration of the right to spend an HTLC (Hashed Time-Locked Contract) output. The sender points out that while it is acknowledged that the HTLC-preimage does not expire, it is not clear why the party possessing the pre-image should lose the right to spend the output even after the timeout branch becomes another possible way to spend it.

The sender emphasizes the need for a proper explanation as to why the right to spend the HTLC-preimage output should expire if Caroll possesses the pre-image. They suggest that the current explanation sounds like Bob has stolen the output from Caroll simply because Caroll was unable to spend it within the given time frame.

It is important to address this concern and provide a clearer explanation for why the right to spend the HTLC-preimage output should expire. By doing so, it will help ensure a better understanding of the concept and avoid any potential confusion or misinterpretation.

Note: The farewell part of the email has been disregarded as per the given rules.

Link to Raw Post

Thread Summary (69 replies)

Oct 16 - Nov 17, 2023

Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiBitcoin Transcripts Review
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project?

Give Feedback