Hi Antoine,
Excellent work as usual!
When this was initially reported, I suspected that btcd wasn't actually
affected by this issue (proper RBF inheritance). I wrote a unit test earlier
today to confirm this: https://github.com/btcsuite/btcd/pull/1719.
I'm particularly fond of btcd's
Hi Luke,
> Is there a list of software impacted by this CVE, and the versions it is
fixed
in?
Speaking only for LN clients, as I think they're the only ones deployed
with real funds at stake. Defect is mitigated by new "anchor" channel type,
forcing RBF-signaling on all transactions.
* lnd v0.12
Hi Ruben,
Thanks for raising awareness about spacechains/BMM, I didn't have knowledge
it was relying on a fee-based English auction to mine side-blocks. IIUC,
it's another type of dynamic membership
multi-party signature where parties are block-signing with a fee proposal
instead of a PoW ?
Is there a list of software impacted by this CVE, and the versions it is fixed
in?
(Note this isn't a vulnerability in Bitcoin Core; BIP125 is strictly a policy
matter, not part of the consensus rules and never safe to rely on in any
case...)
On Thursday 06 May 2021 13:55:53 Antoine Riard
Hi Antoine,
Thanks for bringing this up.
It seems spacechains[0] are impacted by this. Simply explained, the idea is
to allow for fee-bidding Blind Merged Mining[1] by creating one transaction
for each block, to which anyone can attach a block hash. The preferred
mechanism utilizes
Hi Antoine,
Thank you for the disclosure.
> * Onchain DLC/Coinswap/Vault : Those contract protocols have also multiple
> stages of execution with time-sensitive transactions opening the way to
> pinning attacks. Those protocols being non-deployed or in early phase, I
> would recommend that
Hi,
I'm writing to report a defect in Bitcoin Core bip125 logic with minor
security and operational implications for downstream projects. Though this
defect grieves Bitcoin Core nodes 0.12.0 and above, base layer safety isn't
impacted.
# Problem
Bip 125 specification describes the following