Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"
Posted by David A. Harding
Oct 23, 2023/08:49 UTC
In an email sent by Nadav Ivgi via bitcoin dev, the underlying problem of a replacement cycle is discussed. The description provided by Riard outlines a replacement cycle where Bob broadcasts an HTLC-timeout and Mallory replaces it with an HTLC-preimage. Mallory then replaces the transaction that created input C, removing the HTLC-preimage from the mempool.
However, an alternative approach is proposed where Bob broadcasts an HTLC-timeout and Mallory replaces it with an HTLC-preimage. In this case, Mallory uses input C to replace the HTLC-preimage with a transaction that does not include input A, thereby removing the preimage from the mempool.
The original scenario requires input C to be from an unconfirmed transaction, making the use of OP_CSV_ALLINPUTS effective. However, in the alternative scenario, input C can come from a confirmed transaction, rendering OP_CSV_ALLINPUTS ineffective.
The discussion highlights the difference between the two approaches and their effectiveness in handling the replacement cycle.
TLDR
Join Our Newsletter
We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.
Explore all Products
We'd love to hear your feedback on this project?
Give Feedback