1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
Return-Path: <pete@petertodd.org>
Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])
by lists.linuxfoundation.org (Postfix) with ESMTP id A271EC0032
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 20 Oct 2023 10:47:45 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp4.osuosl.org (Postfix) with ESMTP id 70DB04ECDD
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 20 Oct 2023 10:47:45 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 70DB04ECDD
Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key,
unprotected) header.d=messagingengine.com header.i=@messagingengine.com
header.a=rsa-sha256 header.s=fm3 header.b=v9Jv3tPp
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp4.osuosl.org ([127.0.0.1])
by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id K5QQ8IuOn-Bw
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 20 Oct 2023 10:47:44 +0000 (UTC)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com
[64.147.123.21])
by smtp4.osuosl.org (Postfix) with ESMTPS id 70C164ECAB
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 20 Oct 2023 10:47:44 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 70C164ECAB
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47])
by mailout.west.internal (Postfix) with ESMTP id 6AE0B32009CA;
Fri, 20 Oct 2023 06:47:43 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute6.internal (MEProxy); Fri, 20 Oct 2023 06:47:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-type:content-type:date:date
:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
:message-id:mime-version:references:reply-to:sender:subject
:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
:x-sasl-enc; s=fm3; t=1697798862; x=1697885262; bh=PqTrfDRs/Av5b
uO1TsOOCM8RBjNhVi1PvfxqIkR0tQA=; b=v9Jv3tPpgsxNd8ZucD4QkgwE86iaP
50h98S4ydzMYNEiKq2L7kveKaXsIdpl/+ugVQ6LnNCpabqwCpOgQ0OR2ZiHK0Iz1
CSRYjav4UJx6RgDUYj8DHs6cuGIj0LotKAjXfWx6TN9f83dj9sZkb7j5VP5wQhfb
LEHU3La27Uc6DwNWzdG8OzBykLZyssh3VDoc2Tp77dD+tAW2S5bFKE7dV4cMlrQh
wfYfvTv1VlmBAWnKHRKcHATEr8MWbhoaEkFZtSv+bEBfYWdnYhXq/7n05YzYFqtA
69HWjgVw56e4/Pol97IgyuOo9Jmw81Xkn376imJA45tWST0P7lNxhVeDA==
X-ME-Sender: <xms:zloyZe5QMd6bKaquvNQ9r64SFVRXGSU8TrZp4d1yTLmFwA6Mt7hgrg>
<xme:zloyZX5lEzFhNPka95lWJmWKukH1W38VUuDB68fAqFfLqLI6BYqUdK_Wnlz2NI56s
oIQPmEjPamNv_r-9yk>
X-ME-Received: <xmr:zloyZdfC-R3_6woUSO0smwPKebx1-XvTjSNEJpzc5Y61f31accySwCp7Gw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrjeekgdefudcutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc
fjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghr
ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg
hrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefhjedt
necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg
eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggurdho
rhhg
X-ME-Proxy: <xmx:zloyZbKLfH2kySaVst4HxdV3NQ_5dy7Raj2LqCMxyruolwR0D5qtwg>
<xmx:zloyZSIr5bOZ8lymyCuvm2NAzMctMQPvl3kMIM-1YB3rrpuySxNMrw>
<xmx:zloyZcyFkj2y4ts4CCMtFoORzp20GACyEWi3uJqFY6msx4z4AQT-UA>
<xmx:zloyZe1YIeEBXRQfkIM7lz9tl4ts1S3uHCKj_k7Lv5lOiVNzQo9mdQ>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
20 Oct 2023 06:47:42 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
id 93F435F844; Fri, 20 Oct 2023 10:47:38 +0000 (UTC)
Date: Fri, 20 Oct 2023 10:47:38 +0000
From: Peter Todd <pete@petertodd.org>
To: Antoine Riard <antoine.riard@gmail.com>
Message-ID: <ZTJays5mDFvDqkkB@petertodd.org>
References: <CALZpt+GdyfDotdhrrVkjTALg5DbxJyiS8ruO2S7Ggmi9Ra5B9g@mail.gmail.com>
<7ED2BCD8-BAE3-48E3-9749-A396F3724B6E@petertodd.org>
<CALZpt+GsRfHvABjhkX=eN_1viVw8Jos4=+sBd7vWQJ_VxNta8g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="OeoqGIql4O7ZPeiE"
Content-Disposition: inline
In-Reply-To: <CALZpt+GsRfHvABjhkX=eN_1viVw8Jos4=+sBd7vWQJ_VxNta8g@mail.gmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Full Disclosure: CVE-2023-40231 / CVE-2023-40232
/ CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Oct 2023 10:47:45 -0000
--OeoqGIql4O7ZPeiE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Oct 17, 2023 at 02:11:20AM +0100, Antoine Riard wrote:
> > I think if you want people to understand this exploit, you need to
> explain in more detail how we have a situation where two different parties
> can spend the same HTLC txout, without the first party having the right to
> spend it via their knowledge of the HTLC-preimage.
>=20
> If I'm correctly understanding your question, you're asking why we have a
> situation where the spend of a HTLC output can be in competition between 2
> channel counterparties.
No, you are not correctly understanding it.
It's obvious that an HTLC output can be in competition between 2 different
parties. Obviously, the HTLC-preimage doesn't expire. The problem is you
haven't explained why the party with the HTLC pre-image should not *remain*=
the
party with the *right* to spend that output, even after the timeout branch
becomes another possible way to spend it.
> LN commitment transactions have offered HTLC outputs where a counterparty
> Alice is pledging to her other counterparty Caroll the HTLC amount in
> exchange of a preimage (and Caroll signature).
>=20
> After the expiration of the HTLC timelock, if the HTLC has not been claim=
ed
> on-chain by Caroll, Alice can claim it back with her signature (and the
> pre-exchanged Caroll signature).
>=20
> The exploit works actually in Caroll leveraging her HTLC-preimage
> transaction as a replace-by-fee of Alice's HTLC-timeout _after_ the
> expiration of the timelock, the HTLC-preimage transaction staying consens=
us
> valid.
That's precisely my point re: you not properly explaining the problem. If
Caroll has the HTLC-preimage, she has the right to spend it. You need to
explain why her right to spend that HTLC-preimage output should expire.
If anything, the way you've explained it sounds like Bob has stolen the out=
put
=66rom Caroll by virtue of the fact that Caroll wasn't able to spend the
HTLC-preimage output in time.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--OeoqGIql4O7ZPeiE
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmUyWsgACgkQLly11TVR
LzeTig//RWsawPzHRXmJnHmQxY2T9zj7TBpWjvys7E8Si0N62gWhLgwCeeRX4Acq
N9zkhyVDJulrbVIcD20gKM9PqetswtmdtkD15w6zeptok3A9VrQWIMnLvEpDtfk+
1jdII6IdbvuGSpMz0O2aSFSK4rDZlv39XXma3yPPnJWEAZFXvHQL1MPmtU9BjEHd
vQS0R/wjmu+3v+3z122L4h76jfoj5ebZPJklzqEcUX8lORIROxrU3HYGsIDAnpa9
P1ytmJO5/h+Wmrhgo1pdAv5IAipwKcyCQZwnfaWoCDN2anAzsOnEECCEfhMMjUyB
ktQRe89ZtCM8ZICEOC7xiBZ1L/a4PVJ/V0FHlXskme30eIJwQUYeP4sutAqZchnk
+HCu163JWE5XXWd3+bkkzgRqlcISpdGHiu2+Za4pC8QOaDxRuG13dIOJypi/LyK7
hTxTTqmX/drNqOYO/b35qZUYC+/PTXW47zz19SdtQL9KX8RCaVlBFnw+/uHPbYFF
yY5Ao2D+iebgWvjzc8BPFQjCuutsohn0Iu/0OTIuKa5O+mHXDfS26kT/1F5Ghiwk
sVn7CQ2cY0k/cxKz1+H80sFJZtauuY0V9h/8viE9MMkcvO/zoCjDZIsKJM2AntVw
P1kRQAAz7Jin8xknajNHjCQlQOkcJHNhRoLUyX8xBgCl2ZjL4H0=
=Hb9N
-----END PGP SIGNATURE-----
--OeoqGIql4O7ZPeiE--
|
