delvingbitcoin

Full Disclosure: “Transaction-Relay Throughput Overflow attacks against Off-Chain Protocols

Original Postby ariard

Posted on: December 5, 2024 17:55 UTC

The recent report published on the vulnerabilities within Bitcoin's transaction-relay rules has been a topic of significant discussion.

Accessible through this link, the report details a comprehensive analysis of the underlying issues that have widespread implications across various Bitcoin use-cases, including Lightning. The complexity and potential impact of this vulnerability have prompted a request for a Common Vulnerabilities and Exposures (CVE) ID from MITRE. As of now, a temporary identifier, 1780258, has been assigned while the process for an official CVE ID is underway.

This singular request for a CVE highlights the severity and far-reaching consequences of the flaw discovered in the transaction-relay components. By affecting an unbounded number of use-cases, it underscores the critical nature of the vulnerability and the urgent need for addressing it within the Bitcoin community.