bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Post by Antoine Riard

Posted on: October 19, 2023 17:22 UTC

Antoine discusses a mitigation described in a paper attached to the email.

The paper, titled "Defensive Fee-Rebroadcasting" and available at https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf, mentions the specific mitigation approach in subsection 3.4.

According to Antoine, when there is a backlog in the mempool and the defensive fractional-fee HTLC-timeout remains stuck, the attacker gains an advantage. He suggests that an attacker can replace-cycle multiple honest HTLC-timeouts with a single malicious HTLC-preimage, using a sequence of replacements rather than concurrent ones. In this scenario, the attacker pays the absolute fee while incurring the RBF (Replace-By-Fee) penalty only once per replacement. However, Antoine admits that he hasn't tested this specific behavior and that, at first sight, the fee math does not appear to favour defenders.
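As an added illustration (not code from Antoine's email or paper), the following Python model applies the BIP 125 replacement rules 3 and 4 to the scenario above: several honest HTLC-timeouts conflicting with one HTLC-preimage, with the defender rebroadcasting each timeout at a fractional fee bump. The transaction sizes, fees, bump fraction and the 1 sat/vB incremental relay feerate are constructed or assumed values, and the model is a deliberate simplification of mempool policy (no ancestor/descendant limits, no feerate rule).

```python
import math
from dataclasses import dataclass

# Bitcoin Core's default incremental relay feerate, in sat/vB (assumed value).
INCREMENTAL_RELAY_FEERATE = 1


@dataclass(frozen=True)
class Tx:
    name: str
    vsize: int  # virtual size in vbytes
    fee: int    # absolute fee in satoshis


def min_replacement_fee(replaced, replacement_vsize):
    """BIP 125 rules 3 and 4: a replacement must pay at least the sum of the
    absolute fees of every transaction it evicts, plus the incremental relay
    feerate times its own vsize (the "RBF penalty")."""
    return sum(t.fee for t in replaced) + INCREMENTAL_RELAY_FEERATE * replacement_vsize


def defensive_rebroadcast(stuck, in_mempool, bump_fraction):
    """Defender rebroadcasts its HTLC-timeout with a fractional fee bump, raised
    further if needed so the rebroadcast is itself a valid replacement of the
    conflicting transaction currently sitting in the mempool."""
    bumped = math.ceil(stuck.fee * (1 + bump_fraction))
    required = min_replacement_fee([in_mempool], stuck.vsize)
    return Tx(stuck.name, stuck.vsize, max(bumped, required))


def replacement_cycle_costs(htlc_timeouts, preimage_vsize, bump_fraction, rounds):
    """Simplified model: N honest HTLC-timeouts all conflict with one HTLC-preimage.
    Each round the preimage pays just enough to evict them all at once, then the
    defender rebroadcasts every timeout. Returns per-round tuples of
    (total fee the defender now has in the mempool, fee the preimage paid)."""
    current = list(htlc_timeouts)
    history = []
    for _ in range(rounds):
        evict_cost = min_replacement_fee(current, preimage_vsize)
        preimage = Tx("preimage", preimage_vsize, evict_cost)
        current = [defensive_rebroadcast(t, preimage, bump_fraction) for t in current]
        history.append((sum(t.fee for t in current), evict_cost))
    return history
```

With two 200 vB timeouts at 2000 sat each and a 300 vB preimage, the rule 3 floor dominates the fractional bump and the defender's total roughly doubles each round, whereas with a single timeout the fractional bump is what sets the pace.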

Overall, the email highlights the importance of considering mitigation strategies, specifically related to defensive fee-rebroadcasting, in the context of mempool backlogs and potential attacks.