Return-Path: <pete@petertodd.org> Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 4A5B7C0032; Sat, 21 Oct 2023 00:15:33 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 176164EE9C; Sat, 21 Oct 2023 00:15:33 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 176164EE9C Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.a=rsa-sha256 header.s=fm3 header.b=AS3DmL7/ X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EzoVN17mzMlX; Sat, 21 Oct 2023 00:15:28 +0000 (UTC) Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) by smtp4.osuosl.org (Postfix) with ESMTPS id 928304EE89; Sat, 21 Oct 2023 00:15:28 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 928304EE89 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id 50C7C32009FD; Fri, 20 Oct 2023 20:15:27 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 20 Oct 2023 20:15:27 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1697847326; x=1697933726; bh=Y+2tKyTbBrcFn ywZEivDAwku/TGTDijl6yUmpO9IywM=; b=AS3DmL7/YkdaktVg41srfhMojt0z0 r9emkyyfdtn4LN+Emh0VgjbyEr9HnX6Jv/hFpVnBqIP+6q0h0MFyVu7GHWVsPBRF zIL+x/l1+D5qguPJ2dCXb9e9PgRUqPM2/mKp4bbLq9qiJPs6Q0QJVgYzhGvxCQN+ nz3t1HWxAP9vJfd+hIGxQDfGyxf47myA+KzDrWDUsaWicuk+FaUlywRUCyCdiy0L 7OVVzDUkW5JJaMZg5SjpQKMYBJAXNTtd4EYtzt8DnafMPkpYx36AVxy1Th2VqaD3 oOps8A3bbkSZ9P8MHH2jWXCr82+QAedq1xZ08ASRQF4DDjVKQzClk9dhQ== X-ME-Sender: <xms:HRgzZdIF-4RGhB48W4PspL3DSoWRJLAG1HkP0ko97Rz9Zi6Qkcv7ng> <xme:HRgzZZJCquftxHX-L-pDIsL5z0NlyHmURPIaXUrly3gZYWWKmMV1ZQStbOfkbDWtD BRlQHFFT4LkRsHmZIQ> X-ME-Received: <xmr:HRgzZVvcRY3dMIZDrbTXy2nawTMuf7ibVyR1ep9u44_3zp-HqpSrSZMluJjtzH_NsZRrkG-eSyDlup3x-AzsvsO97guQoETP2Agc08pSS46eemav> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrjeelgddvlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghr ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg hrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefhjedt necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggurdho rhhg X-ME-Proxy: <xmx:HRgzZeYAgD1mcVPQWzKk1zVi3rOClWyfx2RueO7dZp34eUoWQuneCQ> <xmx:HRgzZUbKmrR-jwgyROIOMzi-YWA1UOMu62ZgAHRUKPmtT8S8LXGFBQ> <xmx:HRgzZSCgEaUTnouCRUyF0knvZ3OW8P_tNSUMRpLJ87cVwLcNTyd2Vw> <xmx:HhgzZZODXcjF3k1h-HpuFYDuYAM-of-mywRra52MTaZUKgt4lsnLcg> Feedback-ID: i525146e8:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 20 Oct 2023 20:15:25 -0400 (EDT) Received: by localhost (Postfix, from userid 1000) id 68E135F86A; Sat, 21 Oct 2023 00:15:21 +0000 (UTC) Date: Sat, 21 Oct 2023 00:15:21 +0000 From: Peter Todd <pete@petertodd.org> To: Matt Corallo <lf-lists@mattcorallo.com> Message-ID: <ZTMYGcRvHh0Iwe2y@petertodd.org> References: <CALZpt+GdyfDotdhrrVkjTALg5DbxJyiS8ruO2S7Ggmi9Ra5B9g@mail.gmail.com> <eW4O0HQJ2cbrzZhXSlgeDRWuhgRHXcAxIQCHJiqPh1zUxr270xPvl_tb7C4DUauZy56HaCq6BqGN9p4k-bkqQmLb4EHzPgIxZIZGVPlqyF0=@protonmail.com> <64VpLnXQLbeoc895Z9aR7C1CfH6IFxPFDrk0om-md1eqvdMczLSnhwH29T6EWCXgiGQiRqQnAYsezbvNvoPCdcfvCvp__Y8BA1ow5UwY2yQ=@protonmail.com> <ZTJW59wQ/4WLZt2h@petertodd.org> <ZTJej/ipIl5hZIUn@petertodd.org> <CAGyamEVGe+z96Rc52V0j=a+He3frzhHEk_NPunXA-g1MwXXdGw@mail.gmail.com> <1a84a36c-ec23-43b5-9a61-1aafdc188892@mattcorallo.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="V+kpSR+Yz65nXk9o" Content-Disposition: inline In-Reply-To: <1a84a36c-ec23-43b5-9a61-1aafdc188892@mattcorallo.com> Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>, security@ariard.me, "lightning-dev\\\\\\\\\\\\\\\\@lists.linuxfoundation.org" <lightning-dev@lists.linuxfoundation.org> Subject: Re: [bitcoin-dev] [Lightning-dev] Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us" X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> X-List-Received-Date: Sat, 21 Oct 2023 00:15:33 -0000 --V+kpSR+Yz65nXk9o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 20, 2023 at 05:05:48PM -0400, Matt Corallo wrote: > Sadly this only is really viable for pre-anchor channels. With anchor > channels the attack can be performed by either side of the closure, as the > HTLCs are now, at max, only signed SIGHASH_SINGLE|ANYONECANPAY, allowing = you > to add more inputs and perform this attack even as the broadcaster. >=20 > I don't think its really viable to walk that change back to fix this, as = it > also fixed plenty of other issues with channel usability and important > edge-cases. What are anchor outputs used for other than increasing fees? Because if we've pre-signed the full fee range, there is simply no need for anchor outputs. Under any circumstance we can broadcast a transaction with a sufficiently high fee to get mined. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --V+kpSR+Yz65nXk9o Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmUzGBcACgkQLly11TVR Lzdv9A/5AWyr1ukm6GFZzlx1vEfwi0u47VgV3ALLD13EfsRKw7MeWQvhr/aZaQoH Mk8ogIJjKHq6KPi8noAuVibXaJX4NidIUtPBg1jVwOqI77Y//5eGOJ08OB0QC7Cx 5Q0/syAxsAnH8GjO2MbRe1JAqQPUpQuSRuHh9mQq4D13pjnUEWFHvttleYveZ0N1 zwdW7HHeSZrAsVr3YYrpZUibjVJCBOCxUAdd6rYYUDT0nUXb7KS+eqhT5/TPtLbL INaU0QC95MANtbl8vMHjpH3xLdZP7tKKvCcH+0N3ETebX19FcS0LH9Xv2YFm6/lo Pl6f/9RUjkEXKSOx2rj6B9dAVl7jp7Rgqt+YFRYetpBToIjCDWyj3631H1NGATiU MN7msDXhSZwf0DifvCEgjEEf036ZNkk3q7oMBoGc5X1RQ7/wAqkMBWbPN12djwoD qo1azqOiEIoMfrVnK/axVxvSwKlO6XczA8gnm9aMNUwfp29ccdzqu042+GEbK1FG ccb0ooDYkh8sm55Apy2OsXLHiHL4aZEctZ2wFJh0nC1gb4XAYdYcc56OtZvVoXp8 Uc3psOcoyhAphgxmbR6V5Aa3eiNh4AY6lM5mXoyq/Yt3J++KezQwWh0hsZM1NOvV wNcgfWhOpg3th/6yKbd5VRCBWNrM4bumXBqZg/vc99kVLGFf+3k= =r1Ih -----END PGP SIGNATURE----- --V+kpSR+Yz65nXk9o--