[Lightning-dev] Full Disclosure: CVE-2021-41591/ CVE-2021-41592 / CVE-2021-41593 "Dust HTLC Exposure Considered Harmful"
luke at dashjr.org
Mon Oct 4 15:57:13 UTC 2021
On Monday 04 October 2021 15:09:28 Antoine Riard wrote:
> Still during August 2021, the Bitcoin Core dust limit was actively
> discussed on the mailing list. Changes of this dust limit would have
> affected the ongoing development of the mitigations.
The "dust limit" is arbitrarily decided by each node, and cannot be relied
upon for security at all. Expecting it to be a given default value is in
itself a security vulnerability.
P.S. It'd be nice if someone familiar with these could fill in
More information about the Lightning-dev