bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Peter Todd

Posted on: October 21, 2023 02:43 UTC

The email discusses the topic of storing ephemeral data, specifically in relation to HTLC (Hashed Timelock Contracts) transactions and commitment transactions.

The author mentions that since lightning uses disclosed secrets to invalidate old state, it is not necessary to keep every signature from the counterparty indefinitely.

In terms of fees, the email states that RBF (Replace-By-Fee) has a minimum incremental relay fee of 1sat/vByte by default. It is then mentioned that using SIGHASH_SINGLE requires one output per input, so combining multiple SIGHASH_SINGLE transactions together does not result in significant savings. The savings amount to just 18 bytes for nVersion, nLockTime, and the txin and txout size fields.

The email further explains that the HTLC-timeout transaction takes up 166.5 vBytes, resulting in a savings of only 11% when combined with other transactions. However, if there is a need to fee bump and add an additional input, it will take up space and may require a change output. In such cases, the author suggests that a pre-signed transaction would have been a better option.

Additionally, the author mentions that the assumption of having lots of HTLCs in flight that need to be spent is often not the case.

The email concludes with a link to Peter Todd's website: https://petertodd.org.