Basic vault prototype using OP_CAT

Basic vault prototype using OP_CAT

Posted on: April 11, 2024 21:52 UTC

The email discusses a vulnerability in a specific transaction mechanism involving a vault that can be exploited by miners or sabotaged by non-miners.

Specifically, it outlines how a miner is capable of draining the vault during the 'trigger withdrawal' transaction. This is achieved by positioning their input as the first input and the covenant-locked input as the second. The transaction is constructed in such a way that the output directed back to the miner equals the amount they initially contributed (satisfying the input_0=output_0 condition), while the remaining portion of the covenant's funds are split. A minimal amount, referred to as the "dust" amount of 546 satoshis for non-SegWit transactions, is allocated to one output, and the rest is taken as a fee by the miner, effectively allowing them to capture all the value from the vault.

Additionally, the email highlights a potential risk posed by non-miners who, although unable to directly benefit in the same manner, can nonetheless initiate transactions that result in the vault's funds being inadvertently directed to a random miner, thereby sabotaging the vault. This aspect underscores a broader security concern within the system - the lack of a safeguard against malicious interventions aimed at depleting the vault's assets without direct financial gain to the aggressor.

The author also notes a discrepancy in the minimum dust threshold between non-SegWit and SegWit transactions, with the latter having a lower threshold as determined by the IsDust() function. This detail suggests further complexity in managing and securing transactions across different Bitcoin transaction formats.

However, the email concludes without offering a solution to this vulnerability, indicating an ongoing uncertainty or challenge in addressing this specific security flaw within the described transaction system.