1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
Return-Path: <pete@petertodd.org>
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
by lists.linuxfoundation.org (Postfix) with ESMTP id 4A5B7C0032;
Sat, 21 Oct 2023 00:15:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp4.osuosl.org (Postfix) with ESMTP id 176164EE9C;
Sat, 21 Oct 2023 00:15:33 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 176164EE9C
Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key,
unprotected) header.d=messagingengine.com header.i=@messagingengine.com
header.a=rsa-sha256 header.s=fm3 header.b=AS3DmL7/
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp4.osuosl.org ([127.0.0.1])
by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id EzoVN17mzMlX; Sat, 21 Oct 2023 00:15:28 +0000 (UTC)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com
[64.147.123.24])
by smtp4.osuosl.org (Postfix) with ESMTPS id 928304EE89;
Sat, 21 Oct 2023 00:15:28 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 928304EE89
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47])
by mailout.west.internal (Postfix) with ESMTP id 50C7C32009FD;
Fri, 20 Oct 2023 20:15:27 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
by compute6.internal (MEProxy); Fri, 20 Oct 2023 20:15:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:cc:content-type:content-type:date:date
:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
:message-id:mime-version:references:reply-to:sender:subject
:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
:x-sasl-enc; s=fm3; t=1697847326; x=1697933726; bh=Y+2tKyTbBrcFn
ywZEivDAwku/TGTDijl6yUmpO9IywM=; b=AS3DmL7/YkdaktVg41srfhMojt0z0
r9emkyyfdtn4LN+Emh0VgjbyEr9HnX6Jv/hFpVnBqIP+6q0h0MFyVu7GHWVsPBRF
zIL+x/l1+D5qguPJ2dCXb9e9PgRUqPM2/mKp4bbLq9qiJPs6Q0QJVgYzhGvxCQN+
nz3t1HWxAP9vJfd+hIGxQDfGyxf47myA+KzDrWDUsaWicuk+FaUlywRUCyCdiy0L
7OVVzDUkW5JJaMZg5SjpQKMYBJAXNTtd4EYtzt8DnafMPkpYx36AVxy1Th2VqaD3
oOps8A3bbkSZ9P8MHH2jWXCr82+QAedq1xZ08ASRQF4DDjVKQzClk9dhQ==
X-ME-Sender: <xms:HRgzZdIF-4RGhB48W4PspL3DSoWRJLAG1HkP0ko97Rz9Zi6Qkcv7ng>
<xme:HRgzZZJCquftxHX-L-pDIsL5z0NlyHmURPIaXUrly3gZYWWKmMV1ZQStbOfkbDWtD
BRlQHFFT4LkRsHmZIQ>
X-ME-Received: <xmr:HRgzZVvcRY3dMIZDrbTXy2nawTMuf7ibVyR1ep9u44_3zp-HqpSrSZMluJjtzH_NsZRrkG-eSyDlup3x-AzsvsO97guQoETP2Agc08pSS46eemav>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrjeelgddvlecutefuodetggdotefrodftvf
curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu
uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc
fjughrpeffhffvvefukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefrvghtvghr
ucfvohguugcuoehpvghtvgesphgvthgvrhhtohguugdrohhrgheqnecuggftrfgrthhtvg
hrnhepledvleelffdtudekudffjefgfeejueehieelfedtgfetudetgeegveeutefhjedt
necuffhomhgrihhnpehpvghtvghrthhouggurdhorhhgnecuvehluhhsthgvrhfuihiivg
eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvsehpvghtvghrthhouggurdho
rhhg
X-ME-Proxy: <xmx:HRgzZeYAgD1mcVPQWzKk1zVi3rOClWyfx2RueO7dZp34eUoWQuneCQ>
<xmx:HRgzZUbKmrR-jwgyROIOMzi-YWA1UOMu62ZgAHRUKPmtT8S8LXGFBQ>
<xmx:HRgzZSCgEaUTnouCRUyF0knvZ3OW8P_tNSUMRpLJ87cVwLcNTyd2Vw>
<xmx:HhgzZZODXcjF3k1h-HpuFYDuYAM-of-mywRra52MTaZUKgt4lsnLcg>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
20 Oct 2023 20:15:25 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
id 68E135F86A; Sat, 21 Oct 2023 00:15:21 +0000 (UTC)
Date: Sat, 21 Oct 2023 00:15:21 +0000
From: Peter Todd <pete@petertodd.org>
To: Matt Corallo <lf-lists@mattcorallo.com>
Message-ID: <ZTMYGcRvHh0Iwe2y@petertodd.org>
References: <CALZpt+GdyfDotdhrrVkjTALg5DbxJyiS8ruO2S7Ggmi9Ra5B9g@mail.gmail.com>
<eW4O0HQJ2cbrzZhXSlgeDRWuhgRHXcAxIQCHJiqPh1zUxr270xPvl_tb7C4DUauZy56HaCq6BqGN9p4k-bkqQmLb4EHzPgIxZIZGVPlqyF0=@protonmail.com>
<64VpLnXQLbeoc895Z9aR7C1CfH6IFxPFDrk0om-md1eqvdMczLSnhwH29T6EWCXgiGQiRqQnAYsezbvNvoPCdcfvCvp__Y8BA1ow5UwY2yQ=@protonmail.com>
<ZTJW59wQ/4WLZt2h@petertodd.org> <ZTJej/ipIl5hZIUn@petertodd.org>
<CAGyamEVGe+z96Rc52V0j=a+He3frzhHEk_NPunXA-g1MwXXdGw@mail.gmail.com>
<1a84a36c-ec23-43b5-9a61-1aafdc188892@mattcorallo.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="V+kpSR+Yz65nXk9o"
Content-Disposition: inline
In-Reply-To: <1a84a36c-ec23-43b5-9a61-1aafdc188892@mattcorallo.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>,
security@ariard.me,
"lightning-dev\\\\\\\\\\\\\\\\@lists.linuxfoundation.org"
<lightning-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Lightning-dev] Full Disclosure: CVE-2023-40231 /
CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are
belong to us"
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Oct 2023 00:15:33 -0000
--V+kpSR+Yz65nXk9o
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Oct 20, 2023 at 05:05:48PM -0400, Matt Corallo wrote:
> Sadly this only is really viable for pre-anchor channels. With anchor
> channels the attack can be performed by either side of the closure, as the
> HTLCs are now, at max, only signed SIGHASH_SINGLE|ANYONECANPAY, allowing =
you
> to add more inputs and perform this attack even as the broadcaster.
>=20
> I don't think its really viable to walk that change back to fix this, as =
it
> also fixed plenty of other issues with channel usability and important
> edge-cases.
What are anchor outputs used for other than increasing fees?
Because if we've pre-signed the full fee range, there is simply no need for
anchor outputs. Under any circumstance we can broadcast a transaction with a
sufficiently high fee to get mined.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--V+kpSR+Yz65nXk9o
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmUzGBcACgkQLly11TVR
Lzdv9A/5AWyr1ukm6GFZzlx1vEfwi0u47VgV3ALLD13EfsRKw7MeWQvhr/aZaQoH
Mk8ogIJjKHq6KPi8noAuVibXaJX4NidIUtPBg1jVwOqI77Y//5eGOJ08OB0QC7Cx
5Q0/syAxsAnH8GjO2MbRe1JAqQPUpQuSRuHh9mQq4D13pjnUEWFHvttleYveZ0N1
zwdW7HHeSZrAsVr3YYrpZUibjVJCBOCxUAdd6rYYUDT0nUXb7KS+eqhT5/TPtLbL
INaU0QC95MANtbl8vMHjpH3xLdZP7tKKvCcH+0N3ETebX19FcS0LH9Xv2YFm6/lo
Pl6f/9RUjkEXKSOx2rj6B9dAVl7jp7Rgqt+YFRYetpBToIjCDWyj3631H1NGATiU
MN7msDXhSZwf0DifvCEgjEEf036ZNkk3q7oMBoGc5X1RQ7/wAqkMBWbPN12djwoD
qo1azqOiEIoMfrVnK/axVxvSwKlO6XczA8gnm9aMNUwfp29ccdzqu042+GEbK1FG
ccb0ooDYkh8sm55Apy2OsXLHiHL4aZEctZ2wFJh0nC1gb4XAYdYcc56OtZvVoXp8
Uc3psOcoyhAphgxmbR6V5Aa3eiNh4AY6lM5mXoyq/Yt3J++KezQwWh0hsZM1NOvV
wNcgfWhOpg3th/6yKbd5VRCBWNrM4bumXBqZg/vc99kVLGFf+3k=
=r1Ih
-----END PGP SIGNATURE-----
--V+kpSR+Yz65nXk9o--
|