> I think if you want people to understand this exploit, you need to
explain in more detail how we have a situation where two different parties
can spend the same HTLC txout, without the first party having the right to
spend it via their knowledge of the HTLC-preimage.
If I'm correctly
Hi Antoine,
Thanks for this great write up, and also your diligence in reporting this
issue to the various implementations, and game planning with us re
mitigations and attack scenarios.
One small clarification: all of lnd's relevant mitigations were in place by
lnd v0.16.1-beta [1], which was
On Mon, Oct 16, 2023 at 7:21 PM Peter Todd via bitcoin-dev
wrote:
> I think if you want people to understand this exploit, you need to explain in
> more detail how we have a situation where two different parties can spend the
> same HTLC txout, without the first party having the right to spend
On October 16, 2023 6:57:36 PM GMT+02:00, Antoine Riard via bitcoin-dev
wrote:
>(cross-posting mempool issues identified are exposing lightning chan to
>loss of funds risks, other multi-party bitcoin apps might be affected)
>
>As the HTLC-preimage spends an unconfirmed input that was already
(cross-posting mempool issues identified are exposing lightning chan to
loss of funds risks, other multi-party bitcoin apps might be affected)
Hi,
End of last year (December 2022), amid technical discussions on eltoo
payment channels and incentives compatibility of the mempool anti-DoS
rules, a
Hi Bitcoin Developers,
### Problem
Wallet fingerprinting: Identifying the bitcoin wallet used to create the
transaction
### Previous research
A) 0xB10C wrote a [blog post][0] in 2020 about wallet fingerprinting.
Most transactions followed the fee rate recommendations provided by
