This November 2022 bug is similar to the October 2022 bug. This time it impacted a number of other open source projects (e.g. Liquid and LDK) as rust-bitcoin also wasn't able to handle the transaction that Burak broadcast. As before, the transaction met the Taproot consensus rules activated on the network in November 2021, was included in a block by F2Pool (it appears it was submitted directly to F2Pool because the transaction does not meet current default policy rules in Bitcoin Core nodes) and was verified by all Bitcoin Core full nodes (but not btcd and rust-bitcoin).
Burak explained the source of the bug here:
Bitcoin has a consensus rule that limits the number of stack items to 1000. However, a P2TR spend containing OP_SUCCESSx precedes this rule regardless.
I made a P2TR spend containing an OP_SUCCESSx opcode with 500,001 empty pushes, which as a result caused a consensus conflict between btcd and core:
https://blockstream.info/tx/73be398c4bdc43709db7398106609eea2a7841aaf3a4fa2000dc18184faa2a7e
Changing the maxWitnessItemsPerInput parameter from 500,000 to 4,000,000 solves the issue:
https://github.com/btcsuite/btcd/blob/master/wire/msgtx.go#L103
The relevant line of code is the line above the line that caused the October 2022 bug (thanks AJ for initially pointing this out). It was fixed by Elle Mouton in this PR. The maxWitnessItemsPerInput was previously only 500,000 and needed to be bumped to 4,000,000 to meet the Taproot consensus rules. Why it was previously 500,000 is unclear. As Pieter says in the comment:
The 500000 value was always incorrect as a limit, since Segwit has existed. BIP141 even spells this out explicitly: "If the version byte is 1 to 16, no further interpretation of the witness program or witness stack happens, and there is no size restriction for the witness stack.". It could not be triggered using standard transactions, but that is still the case with taproot.
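To make the failure mode concrete, here is an added example (not btcd's own code, and not code from the answer) that mimics the shape of a wire-level witness parser: it reads the CompactSize item count and rejects the input when the count exceeds a deserialization cap. The cap values 500,000 and 4,000,000 are the ones quoted above; the witness built by emptyPushWitness is a constructed stand-in consisting only of empty items, with no script evaluation. Function names and the encoding helpers are this example's own. The point it shows is the mismatch the answer describes: a node-local parsing limit that is stricter than consensus rejects a transaction that Bitcoin Core accepts, and the node falls out of consensus on the block containing it.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Caps quoted on the page: the old btcd value and the corrected one.
const (
	oldMaxWitnessItemsPerInput = 500_000
	newMaxWitnessItemsPerInput = 4_000_000
)

var errTooManyWitnessItems = errors.New("too many witness items")

// readVarInt decodes a Bitcoin CompactSize integer from r.
func readVarInt(r io.Reader) (uint64, error) {
	var buf [8]byte
	if _, err := io.ReadFull(r, buf[:1]); err != nil {
		return 0, err
	}
	switch buf[0] {
	case 0xfd:
		if _, err := io.ReadFull(r, buf[:2]); err != nil {
			return 0, err
		}
		return uint64(binary.LittleEndian.Uint16(buf[:2])), nil
	case 0xfe:
		if _, err := io.ReadFull(r, buf[:4]); err != nil {
			return 0, err
		}
		return uint64(binary.LittleEndian.Uint32(buf[:4])), nil
	case 0xff:
		if _, err := io.ReadFull(r, buf[:8]); err != nil {
			return 0, err
		}
		return binary.LittleEndian.Uint64(buf[:8]), nil
	default:
		return uint64(buf[0]), nil
	}
}

// writeVarInt encodes v as a CompactSize integer into w.
func writeVarInt(w *bytes.Buffer, v uint64) {
	var buf [8]byte
	switch {
	case v < 0xfd:
		w.WriteByte(byte(v))
	case v <= 0xffff:
		binary.LittleEndian.PutUint16(buf[:2], uint16(v))
		w.WriteByte(0xfd)
		w.Write(buf[:2])
	case v <= 0xffffffff:
		binary.LittleEndian.PutUint32(buf[:4], uint32(v))
		w.WriteByte(0xfe)
		w.Write(buf[:4])
	default:
		binary.LittleEndian.PutUint64(buf[:8], v)
		w.WriteByte(0xff)
		w.Write(buf[:8])
	}
}

// encodeWitness serialises one input's witness: item count, then (length, bytes) per item.
func encodeWitness(items [][]byte) []byte {
	var buf bytes.Buffer
	writeVarInt(&buf, uint64(len(items)))
	for _, it := range items {
		writeVarInt(&buf, uint64(len(it)))
		buf.Write(it)
	}
	return buf.Bytes()
}

// decodeWitness parses a serialised witness, refusing counts above maxItems before
// allocating anything. This is the node-local cap the answer is about; consensus
// itself imposes no item-count limit on a witness stack (BIP141), and for a
// tapscript that hits OP_SUCCESSx the 1000-item rule never runs either.
func decodeWitness(data []byte, maxItems uint64) ([][]byte, error) {
	r := bytes.NewReader(data)
	count, err := readVarInt(r)
	if err != nil {
		return nil, err
	}
	if count > maxItems {
		return nil, fmt.Errorf("%w: %d > %d", errTooManyWitnessItems, count, maxItems)
	}
	items := make([][]byte, 0, count)
	for i := uint64(0); i < count; i++ {
		n, err := readVarInt(r)
		if err != nil {
			return nil, err
		}
		item := make([]byte, n)
		if _, err := io.ReadFull(r, item); err != nil {
			return nil, err
		}
		items = append(items, item)
	}
	return items, nil
}

// emptyPushWitness builds a constructed witness of n empty items (one zero length byte each).
func emptyPushWitness(n int) []byte {
	items := make([][]byte, n)
	for i := range items {
		items[i] = []byte{}
	}
	return encodeWitness(items)
}

func main() {
	wit := emptyPushWitness(500_001) // the item count the answer quotes
	_, errOld := decodeWitness(wit, oldMaxWitnessItemsPerInput)
	_, errNew := decodeWitness(wit, newMaxWitnessItemsPerInput)
	fmt.Println("old cap (500,000):", errOld) // rejected: a node with this cap splits from consensus
	fmt.Println("new cap (4,000,000):", errNew) // accepted
}
```

The defender's takeaway is that any deserialization bound on consensus data must be at least as permissive as consensus itself; a cap meant to guard memory is only safe when it is derived from a consensus limit such as the block weight, which is why the corrected value is a multiple of the maximum block weight rather than an arbitrary round number.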
In terms of who is impacted the answer is the same as what was stated in October 2022's answer with the exception that this time LDK is impacted also. Core Lightning and eclair aren't impacted:
When it comes to who it will impact and whether they could lose money, this depends on the LND user, on whether channel counterparties seek to exploit this bug and how quickly users are able to update to LND v0.15.2. Other Lightning node implementations (Core Lightning, eclair, LDK etc.) are unaffected. If the LND node is backed by a btcd full node then the btcd full node will also need updating. There are two ways this bug could be exploited if LND users aren't able to update promptly. Channel counterparties could broadcast a revoked state and unless the LND node comes back up within 2 weeks or an external watchtower is employed money could be lost this way. In addition, if the LND node is a routing node money could be lost through its inability to close a channel if HTLC hash preimage(s) aren't provided by channel counterparties prior to the timeout.
