mirror of
https://github.com/lightning/bolts.git
synced 2024-11-19 01:50:03 +01:00
BOLT 2: specify that you can't send funding_locked until you've checked the tx.
We might argue this does not apply if you set `minimum_depth` to 0, since you're assuming trust (TurboChannels-style), but it needs to be specified. See: CVE-2019-12998 / CVE-2019-12999 / CVE-2019-13000 Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell
parent
3154157459
commit
78bc516f96
@ -401,6 +401,8 @@ This message indicates that the funding transaction has reached the `minimum_dep
|
||||
#### Requirements
|
||||
|
||||
The sender MUST:
|
||||
- NOT send `funding_locked` unless outpoint of given by `funding_txid` and
|
||||
`funding_output_index` in the `funding_created` message pays exactly `funding_satoshis` to the scriptpubkey specified in [BOLT #3](03-transactions.md#funding-transaction-output).
|
||||
- wait until the funding transaction has reached
|
||||
`minimum_depth` before sending this message.
|
||||
- set `next_per_commitment_point` to the
|
||||
@ -409,7 +411,7 @@ transaction, derived as specified in
|
||||
[BOLT #3](03-transactions.md#per-commitment-secret-requirements).
|
||||
|
||||
A non-funding node (fundee):
|
||||
- SHOULD forget the channel if it does not see the
|
||||
- SHOULD forget the channel if it does not see the correct
|
||||
funding transaction after a reasonable timeout.
|
||||
|
||||
From the point of waiting for `funding_locked` onward, either node MAY
|
||||
|
||||
Loading…
Reference in New Issue
Block a user