bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Post by Nadav Ivgi

Posted on: October 22, 2023 04:49 UTC

The email suggests addressing a potential issue related to the use of unconfirmed outputs in a transaction.

The idea proposed is to introduce a new opcode called OP_CSV_ALLINPUTS or OP_CSV_OTHERINPUTS.

The OP_CSV_ALLINPUTS opcode would require all inputs in a transaction to have a matching nSequence, effectively preventing the use of unconfirmed outputs in the transaction that spends the HTLC (Hashed Time-Locked Contract) via its preimage branch. This would provide protection against the replacement cycling attack.

Alternatively, the OP_CSV_OTHERINPUTS opcode could be used, which would allow the HTLC output itself to be spent immediately via the preimage branch. However, it would still require that any other inputs added for fees are confirmed.

Implementing either of these opcodes would ensure that unconfirmed outputs are not used in the HTLC-preimage-spending transaction, thus mitigating the risk of the replacement cycling attack.
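The following model is an added example, not code from the email or from any Bitcoin implementation. It shows why a matching nSequence on an input implies that the output it spends is confirmed: under height-based BIP68, an input needs at least as many confirmations as its nSequence value. The opcode semantics (a BIP112-style comparison applied to every input, or to every input except the executing one), the `confirmations` field and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

SEQ_DISABLE = 1 << 31     # BIP68: relative lock-time disabled for this input
SEQ_TYPE_TIME = 1 << 22   # BIP68: time-based lock when set, height-based otherwise
SEQ_MASK = 0xFFFF         # BIP68: low 16 bits carry the lock value

@dataclass
class TxIn:
    n_sequence: int
    confirmations: int    # model field: 0 means the spent output is still unconfirmed

def csv_ok(required: int, n_sequence: int) -> bool:
    """BIP112-style comparison of the script's required value with one input's nSequence."""
    if n_sequence & SEQ_DISABLE:
        return False
    if (required & SEQ_TYPE_TIME) != (n_sequence & SEQ_TYPE_TIME):
        return False
    return (required & SEQ_MASK) <= (n_sequence & SEQ_MASK)

def script_ok(mode: str, required: int, inputs: list, executing: int) -> bool:
    """Assumed semantics: ALLINPUTS checks every input, OTHERINPUTS skips the executing one."""
    if mode not in ("ALLINPUTS", "OTHERINPUTS"):
        raise ValueError(mode)
    return all(csv_ok(required, txin.n_sequence)
               for i, txin in enumerate(inputs)
               if mode == "ALLINPUTS" or i != executing)

def bip68_ok(inputs: list) -> bool:
    """Height-based BIP68 only (tx version >= 2): an input needs at least as many
    confirmations as its masked nSequence, so a value >= 1 excludes unconfirmed outputs."""
    return all(bool(txin.n_sequence & SEQ_DISABLE)
               or txin.confirmations >= (txin.n_sequence & SEQ_MASK)
               for txin in inputs)

def preimage_spend_ok(mode: str, required: int, inputs: list, executing: int = 0) -> bool:
    return script_ok(mode, required, inputs, executing) and bip68_ok(inputs)

# Constructed cases: input 0 is the HTLC output, input 1 is added for fees.
CASES = {
    "confirmed fee input": [TxIn(1, 3), TxIn(1, 6)],
    "unconfirmed fee input, nSequence=1": [TxIn(1, 3), TxIn(1, 0)],
    "unconfirmed fee input, nSequence=0": [TxIn(1, 3), TxIn(0, 0)],
    "HTLC input without relative lock": [TxIn(0, 1), TxIn(1, 6)],
}

def evaluate(mode: str, required: int = 1) -> dict:
    return {name: preimage_spend_ok(mode, required, ins) for name, ins in CASES.items()}
```

In this model an unconfirmed fee input is rejected either by the script check (nSequence too low) or by BIP68 (not enough confirmations), and only the OTHERINPUTS variant accepts an HTLC input that carries no relative lock.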

It is worth noting that the author does not explicitly state whether this solution is desirable or if there are any potential drawbacks or considerations to be aware of. Additionally, no links or external references are provided in the email.