lightning-dev
OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely
Posted on: November 3, 2023 05:27 UTC
The email discusses the vulnerability of multiple commitment transactions that are pre-signed with a Replace-by-Fee (RBF) range greater than zero.
The sender mentions that an attacker can exploit this vulnerability by selecting the pre-signed states with the lowest fees and adjusting the Child Pays for Parent (CPFP) transaction fees accordingly. This manipulation allows the attacker to evict the bumping CPFP, compromising the security of the system.
The email provides no additional context or background information; it directly presents the potential vulnerability and the method through which an attacker can exploit it. The sender highlights the risk associated with pre-signed commitment transactions and emphasizes the need for further investigation and mitigation measures.
To fully understand the implications of this vulnerability, it may be necessary to refer to external resources or related discussions on RBF and commitment transactions.