[Lightning-dev] Full Disclosure: CVE-2021-41591/ CVE-2021-41592 / CVE-2021-41593 "Dust HTLC Exposure Considered Harmful"

Luke Dashjr luke at dashjr.org
Mon Oct 4 15:57:13 UTC 2021

On Monday 04 October 2021 15:09:28 Antoine Riard wrote:
> Still during August 2021, the Bitcoin Core dust limit was actively
> discussed on the mailing list. Changes of this dust limit would have
> affected the ongoing development of the mitigations.

The "dust limit" is arbitrarily decided by each node, and cannot be relied 
upon for security at all. Expecting it to be a given default value is in 
itself a security vulnerability.

P.S. It'd be nice if someone familiar with these could fill in 

More information about the Lightning-dev mailing list