Date: Mon, 16 Oct 2023 21:13:52 +0200
From: Peter Todd
To: Antoine Riard, Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"
Message-ID: <7ED2BCD8-BAE3-48E3-9749-A396F3724B6E@petertodd.org>

On October 16, 2023 6:57:36 PM GMT+02:00, Antoine Riard via bitcoin-dev wrote:
>(cross-posting mempool issues identified are exposing lightning chan to
>loss of funds risks, other multi-party bitcoin apps might be affected)
>
>As the HTLC-preimage spends an unconfirmed input that was already included
>in the unconfirmed and unrelated child transaction (rule 2), pays an
>absolute higher fee of at least the sum paid by the HTLC-timeout and child
>transaction (rule 3) and the HTLC-preimage feerate is greater than all
>directly conflicting transactions (rule 6), the replacement is accepted.
>The honest HTLC-timeout is evicted out of the mempool.

I think if you want people to understand this exploit, you need to explain in more detail how we have a situation where two different parties can spend the same HTLC txout, without the first party having the right to spend it via their knowledge of the HTLC-preimage.
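Added worked example, not part of this message and not Bitcoin Core or lightning code: a toy Python model of the three replacement checks the quoted text names (rule 2: unconfirmed inputs must already be spent by an original; rule 3: absolute fee at least the sum of the evicted fees; rule 6: feerate higher than every directly conflicting transaction; the numbering follows Bitcoin Core's mempool-replacements policy). Transaction names, fees and sizes are constructed; the attacker's unconfirmed parent/child pair is an assumed setup that makes rule 2 pass, and the model omits the other policy rules (replaceability signalling, rule 4 bandwidth fee, rule 5 eviction count). The second scenario shows that the same HTLC-preimage is rejected on rule 2 if the child was never broadcast, which is why the "unrelated child" matters.

```python
"""Toy model of BIP125 / Bitcoin Core replacement rules 2, 3 and 6.

Constructed for illustration: amounts, vsizes and txids are invented,
and only the three checks named in the quoted text are modelled.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple   # outpoints as (txid, vout)
    fee: int        # absolute fee in sats
    vsize: int      # virtual size in vbytes

    @property
    def feerate(self) -> float:
        return self.fee / self.vsize


class Mempool:
    def __init__(self):
        self.txs = {}  # txid -> Tx

    def _spender_of(self, outpoint):
        for tx in self.txs.values():
            if outpoint in tx.inputs:
                return tx
        return None

    def direct_conflicts(self, tx):
        """Mempool transactions spending any of tx's inputs."""
        seen, out = set(), []
        for op in tx.inputs:
            c = self._spender_of(op)
            if c is not None and c.txid not in seen:
                seen.add(c.txid)
                out.append(c)
        return out

    def descendants(self, txid):
        out, frontier = [], [txid]
        while frontier:
            parent = frontier.pop()
            for tx in self.txs.values():
                if any(op[0] == parent for op in tx.inputs) and tx not in out:
                    out.append(tx)
                    frontier.append(tx.txid)
        return out

    def check_replacement(self, tx):
        conflicts = self.direct_conflicts(tx)
        if not conflicts:
            return True, "no conflict"
        # "originals" = direct conflicts plus everything descending from them
        evicted = set(conflicts)
        for c in conflicts:
            evicted.update(self.descendants(c.txid))
        # rule 2: an unconfirmed input is allowed only if an original spends it
        orig_inputs = {op for t in evicted for op in t.inputs}
        for op in tx.inputs:
            if op[0] in self.txs and op not in orig_inputs:
                return False, f"rule 2: new unconfirmed input {op}"
        # rule 3: absolute fee >= sum of fees of all evicted transactions
        total = sum(t.fee for t in evicted)
        if tx.fee < total:
            return False, f"rule 3: fee {tx.fee} < {total}"
        # rule 6: feerate strictly higher than every direct conflict
        if any(tx.feerate <= c.feerate for c in conflicts):
            return False, "rule 6: feerate not higher than all direct conflicts"
        return True, f"replaces {sorted(t.txid for t in evicted)}"

    def submit(self, tx):
        ok, reason = self.check_replacement(tx)
        if ok:
            for c in self.direct_conflicts(tx):
                for d in self.descendants(c.txid):
                    self.txs.pop(d.txid, None)
                self.txs.pop(c.txid, None)
            self.txs[tx.txid] = tx
        return ok, reason


# Constructed transactions (assumed layout, not from the disclosure).
HTLC_TIMEOUT = Tx("htlc_timeout", (("commitment", 0),), fee=1_000, vsize=500)
ATTACKER_PARENT = Tx("attacker_parent", (("attacker_utxo", 0),), fee=500, vsize=200)
ATTACKER_CHILD = Tx("attacker_child", (("attacker_parent", 0),), fee=1_500, vsize=300)
# Spends the HTLC output (conflicts with htlc_timeout) and attacker_parent:0
# (conflicts with attacker_child); fee 3600 >= 1000 + 1500, feerate 6 > 5 and 2.
HTLC_PREIMAGE = Tx("htlc_preimage", (("commitment", 0), ("attacker_parent", 0)),
                   fee=3_600, vsize=600)


def run_with_child():
    """Child already in the mempool: replacement accepted, HTLC-timeout evicted."""
    mp = Mempool()
    for t in (HTLC_TIMEOUT, ATTACKER_PARENT, ATTACKER_CHILD):
        mp.submit(t)
    ok, reason = mp.submit(HTLC_PREIMAGE)
    return ok, reason, sorted(mp.txs)


def run_without_child():
    """No child: attacker_parent:0 is a new unconfirmed input, rule 2 rejects."""
    mp = Mempool()
    for t in (HTLC_TIMEOUT, ATTACKER_PARENT):
        mp.submit(t)
    return mp.submit(HTLC_PREIMAGE)


if __name__ == "__main__":
    print(run_with_child())
    print(run_without_child())
```

In the first run the honest HTLC-timeout and the attacker's child are both evicted and only attacker_parent and htlc_preimage remain; in the second the same HTLC-preimage fails rule 2 before fees are even compared.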