bitcoin-dev
OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely
Posted on: November 3, 2023 05:27 UTC
The email discusses a potential vulnerability related to multiple commitment transactions that are pre-signed with a Replace-by-Fee (RBF) range of more than zero.
It states that even with this RBF range, an attacker can still exploit the system by selecting the lowest-fee pre-signed states and adjusting the Child-Pays-for-Parent (CPFP) fee paid accordingly. This allows them to evict the bumping CPFP.
This vulnerability raises concerns about the effectiveness of the RBF feature in preventing transaction eviction. The email does not provide further details or examples of how this attack can be executed, but it highlights the need for careful consideration when using pre-signed commitment transactions with RBF.
It is important for programmers to be aware of this vulnerability and take appropriate measures to mitigate risks. Implementing additional security measures, such as monitoring transaction fees and ensuring proper fee adjustments, may help prevent potential attacks.
Please note that the email does not provide any links or external references for further information.