bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Matt Corallo

Posted on: October 21, 2023 01:55 UTC

In an email sent by Peter Todd, he discusses the issue of data storage and management in relation to Lightning.

He highlights that while the current amount of data is not significant, when multiplied by 100, it becomes a substantial amount that requires proper storage. This poses a challenge for larger nodes as dealing with such a volume of data becomes more difficult compared to smaller amounts.

Peter mentions the concept of SIGHASH_SINGLE|ANYONECANPAY, which allows for combining multiple HTLC claims into a single transaction. In contrast, using pre-signing leads to numerous individual transactions. This difference in approach has implications for managing and organizing transactions efficiently.

The email is signed off by Peter Todd.

Note: The farewell part of the email has been ignored as per the rules provided.