Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Posted by Matt Corallo

Oct 20, 2023/21:05 UTC

The email discusses a potential attack on anchor channels in the context of Bitcoin Core and the Lightning Network. The attack can be performed on pre-anchor channels, where the HTLCs are signed with SIGHASH_SINGLE|ANYONECANPAY. However, with anchor channels, the attack can be performed by either side of the closure. The email suggests that fixing this issue on the Lightning end is not the right approach, as the issue ultimately concerns transaction broadcast ordering and which set of transactions is optimal for fee revenue.

The author highlights that the fix for this issue should lie with Bitcoin Core or other parts of the mining stack. Fixing it in the Bitcoin Core stack would require unbounded memory, which is not feasible. However, the author proposes the idea of using external software to monitor the mempool for transactions that were replaced out but could potentially re-enter the mempool later with other replacements. This software could optimize the revenue of block template selection and unintentionally fix the issue.

Overall, the email raises the concern of an attack on anchor channels and suggests that the solution should be implemented at the Bitcoin Core level. The proposal involves using external software to monitor the mempool and optimize block template selection.
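A sketch of the external monitor idea summarized above, as an added example that is not code from the email, Bitcoin Core or any Lightning implementation. It assumes a simplified mempool model (a transaction is only a txid, an absolute fee and a set of spent outpoints; RBF fee rules, ancestors and confirmations are ignored), and the class name, cache bound and sample transactions are hypothetical.

```python
from collections import OrderedDict
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    fee: int            # absolute fee in satoshis
    inputs: frozenset   # outpoints spent (constructed labels such as "o1")

class ReplacementMonitor:
    """Remembers replaced-out transactions and reports when they could re-enter."""

    def __init__(self, max_cached=1000):
        self.mempool = {}            # txid -> Tx currently in the mempool
        self.spender = {}            # outpoint -> txid of its in-mempool spender
        self.cache = OrderedDict()   # replaced-out txs, oldest first
        self.max_cached = max_cached # assumed bound so memory stays finite

    def accept(self, tx):
        """Record an acceptance; return cached txs whose inputs are free again."""
        self.cache.pop(tx.txid, None)  # tx is back in the mempool on its own
        # Every in-mempool tx that shares an input with tx is replaced out.
        for txid in {self.spender[o] for o in tx.inputs if o in self.spender}:
            old = self.mempool.pop(txid)
            for o in old.inputs:
                del self.spender[o]
            self.cache[txid] = old
            if len(self.cache) > self.max_cached:
                self.cache.popitem(last=False)  # forget the oldest entry
        self.mempool[tx.txid] = tx
        for o in tx.inputs:
            self.spender[o] = tx.txid
        return self.reenterable()

    def reenterable(self):
        """Cached txs with no input spent in the mempool, highest fee first."""
        free = [t for t in self.cache.values()
                if not any(o in self.spender for o in t.inputs)]
        return sorted(free, key=lambda t: t.fee, reverse=True)

def demo():
    # Constructed sequence: B replaces A, then C replaces B and frees "o1".
    m = ReplacementMonitor()
    a = Tx("A", 1000, frozenset({"o1"}))
    b = Tx("B", 2000, frozenset({"o1", "o2"}))
    c = Tx("C", 3000, frozenset({"o2"}))
    return [[t.txid for t in m.accept(x)] for x in (a, b, c)]
```

In this model a block template builder would treat the returned transactions as extra candidates, which is the revenue optimization the summary refers to.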


Thread Summary (69 replies)

Oct 16 - Nov 17, 2023
