lightning-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby Matt Corallo

Posted on: October 21, 2023 01:03 UTC

Peter Todd's email discusses the use of anchor outputs and pre-signed transactions in addressing issues with edge-cases and the fee-inflation attack in Bitcoin.

By allowing the broadcaster to choose which transaction to broadcast, using pre-signed transactions can avoid reintroducing these issues. However, Todd expresses skepticism about the use of multiple pre-signed transactions due to increased fee overhead and the challenge of keeping track of various variants across different feerates. He believes that this is a policy bug that should be addressed at the policy/Bitcoin Core layer rather than within the lightning world.