bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Peter Todd

Posted on: October 20, 2023 10:47 UTC

In the email, the sender is expressing their disagreement with the explanation provided regarding the expiration of the HTLC-preimage.

They argue that if one party possesses the HTLC-preimage, they should have the right to spend it even after the timeout branch becomes another possible way to spend it. The sender suggests that the current explanation gives the impression that Bob has stolen the output from Caroll because she was unable to spend the HTLC-preimage output in time.

The sender emphasizes the need for a thorough explanation as to why the right to spend the HTLC-preimage output should expire. They point out that simply stating that the HTLC-preimage doesn't expire is not sufficient. The sender requests clarification on why Caroll's right to spend the output should be invalidated.

It is important to note that the sender includes a link (https://petertodd.org) in their email, indicating that there may be additional information or resources available on this topic.