The under is a direct excerpt of Marty’s Bent Problem #1278: “One other LND/btcd bug emerges.” Join the e-newsletter right here.
For the second time in lower than a month, btcd (another implementation of Bitcoin) and, by extension, LND (one of many Lightning implementations) grew to become incompatible with the remainder of the Bitcoin community resulting from some meddling from a developer named Burak.
On October 9, Burak accomplished a 998-0f-999 tapscript multisig transaction that btcd acknowledged as invalid whereas Bitcoin Core and different implementations (accurately) acknowledged it as legitimate. Since LND’s implementation of the Lightning Community will depend on btcd, it grew to become incompatible with the remainder of the Lightning Community, subsequently disrupting all of their customers’ potential to transact safely. Not very best.
Quick-forward to yesterday and Burak was again once more to disrupt btcd and LND with the kind of transaction you see above: a P2TR (pay-to-taproot) spend containing N OP_SUCCESSx with 500,001 pushes, which exceeds the restrict hardcoded into btcd. Whereas the 998-of-999 tapscript multisig transaction gave the impression to be an sincere mistake, yesterday’s transaction was an overt exploit within the wild by Burak.
Proof Burak knew this could break LND
One thing to notice about this OP_SUCCESSx transaction is that it usually wouldn’t be included in a block. Nonetheless, it appears that evidently Burak bribed miners by attaching a very excessive price to this transaction that F2Pool couldn’t resist.
This example has surfaced quite a lot of debate over the past two days. Was Burak unsuitable to use this bug within the wild on mainnet? Ought to he have correctly disclosed the vulnerability to btcd and LND in non-public, permitting them to patch the code earlier than the bug was exploited within the wild? Ought to LND be depending on btcd, which is another implementation of Bitcoin that doesn’t get practically as near the quantity of consideration and evaluation that Bitcoin Core receives?
Your Uncle Marty actually doesn’t have the suitable solutions to all of those questions, nevertheless it’s essential for you freaks to pay attention to these things so I believed I’d carry them to your consideration.
That is the character of open supply distributed methods. There may very well be quite a lot of vulnerabilities lurking on the market and there’s no clear technique to deal with the issues. Many will advocate for accountable disclosures in non-public whereas others will advocate for overt adversarial actions that power the problem. This is without doubt one of the trade-offs you select whenever you determine to choose right into a free market financial community.