CVE-2022-44797 – Design limitation on Lightning Labs daemon (8th Nov 2022)

Preface: Total lunar eclipse and lunar occultation of Uranus on the evening of November 8 2022.

About: A larger block takes longer to transmit across the network than a smaller one. A smaller block propagates more efficiently, but if blocks are built too small, more of them (and more block composition time) are needed to clear the same set of transactions. The two performance factors pull in opposite directions.

Background: The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node. lnd has several pluggable back-end chain services, including btcd (a full node), bitcoind, and neutrino (a new experimental light client).
The Lightning Network is a second layer built on Bitcoin’s blockchain that allows off-chain transactions: payments are exchanged between parties over payment channels, and only the channel funding and settlement transactions are recorded on the blockchain itself.

Vulnerability details: btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.

Ref: btcd’s comment on the relevant constant reads: “maxWitnessItemSize is the maximum allowed size for an item within an input’s witness data. This number is derived from the fact that for script validation, each pushed item onto the stack must be less than 10k bytes.”

Remedy: The issue here is that the old checks for the maximum witness size, dating from segwit v0, were placed in the wire package as well as in the transaction script engine. Because the wire-level check rejects a witness item at deserialization time, a valid block containing a transaction with a larger witness item could not be parsed at all, and affected nodes stopped processing new blocks. This check should only live in the engine, since there it is properly gated by the other related script validation flags.

The fix itself is simple: in the wire package, limit a witness item only by the maximum block weight, 4,000,000 (roughly 4 MB), and leave the per-push size rule to script validation.
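To make the two behaviours concrete, here is an added Go model of the witness parsing path; it is example code written for this page, not btcd’s or lnd’s own implementation. It assumes the CompactSize encoding used by Bitcoin’s wire format, the pre-fix per-item cap of 11,000 bytes that btcd’s wire package used, and the post-fix cap of 4,000,000 (the block weight). The sample witness is constructed to resemble a 998-of-999 tapscript multisig spend: 998 64-byte signatures, a leaf script of 34 bytes per key, and a 33-byte control block; the byte values are placeholders and only the sizes matter.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Per-item witness caps as the advisory describes them: 11,000 bytes in btcd's
// wire package before 0.23.2, the 4,000,000 block weight after the fix.
const (
	oldMaxWitnessItemSize uint64 = 11000
	maxBlockWeight        uint64 = 4000000
)

var ErrItemTooLarge = errors.New("witness item larger than wire limit")

// writeVarInt encodes v as a Bitcoin CompactSize integer.
func writeVarInt(w *bytes.Buffer, v uint64) {
	switch {
	case v < 0xfd:
		w.WriteByte(byte(v))
	case v <= 0xffff:
		w.WriteByte(0xfd)
		binary.Write(w, binary.LittleEndian, uint16(v))
	case v <= 0xffffffff:
		w.WriteByte(0xfe)
		binary.Write(w, binary.LittleEndian, uint32(v))
	default:
		w.WriteByte(0xff)
		binary.Write(w, binary.LittleEndian, v)
	}
}

// readVarInt decodes a CompactSize integer.
func readVarInt(r io.Reader) (uint64, error) {
	var b [8]byte // zeroed, so a 2- or 4-byte payload still decodes as LE uint64
	if _, err := io.ReadFull(r, b[:1]); err != nil {
		return 0, err
	}
	width := map[byte]int{0xfd: 2, 0xfe: 4, 0xff: 8}[b[0]]
	if width == 0 {
		return uint64(b[0]), nil
	}
	_, err := io.ReadFull(r, b[:width])
	return binary.LittleEndian.Uint64(b[:]), err
}

// serializeWitness writes one input's witness: item count, then each item as a
// CompactSize length followed by its bytes.
func serializeWitness(items [][]byte) []byte {
	var buf bytes.Buffer
	writeVarInt(&buf, uint64(len(items)))
	for _, it := range items {
		writeVarInt(&buf, uint64(len(it)))
		buf.Write(it)
	}
	return buf.Bytes()
}

// readWitness parses a witness, rejecting an item whose declared length exceeds
// maxItemSize before allocating for it. oldMaxWitnessItemSize reproduces the
// pre-fix wire package, maxBlockWeight the fixed one. (Count is untrusted too.)
func readWitness(r io.Reader, maxItemSize uint64) ([][]byte, error) {
	count, err := readVarInt(r)
	if err != nil {
		return nil, err
	}
	var items [][]byte
	for i := uint64(0); i < count; i++ {
		size, err := readVarInt(r)
		if err == nil && size > maxItemSize {
			err = fmt.Errorf("%w: item %d declares %d bytes, cap %d", ErrItemTooLarge, i, size, maxItemSize)
		}
		if err != nil {
			return nil, err
		}
		item := make([]byte, size)
		if _, err := io.ReadFull(r, item); err != nil {
			return nil, err
		}
		items = append(items, item)
	}
	return items, nil
}

// buildTapscriptWitness is constructed sample data shaped like a k-of-n tapscript
// multisig spend: k 64-byte signatures, a leaf script of 34 bytes per key plus a
// threshold check, and a 33-byte control block. Only the sizes are meaningful.
func buildTapscriptWitness(k, n int) [][]byte {
	items := make([][]byte, 0, k+2)
	for i := 0; i < k; i++ {
		items = append(items, bytes.Repeat([]byte{0x5a}, 64))
	}
	leaf := bytes.Repeat([]byte{0x20}, 34*n+3)
	return append(items, leaf, bytes.Repeat([]byte{0xc0}, 33))
}
```

Feeding serializeWitness(buildTapscriptWitness(998, 999)) to readWitness shows the contrast: with oldMaxWitnessItemSize the 33,969-byte leaf script trips ErrItemTooLarge and the whole witness (and so the whole block) is unparseable, while with maxBlockWeight the same bytes round-trip intact. The cap is still checked against the declared length before any allocation, so a header that claims a multi-megabyte item with no body fails fast instead of reserving memory for it.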

Official announcement: Please refer to the link for details – https://github.com/lightningnetwork/lnd/releases/tag/v0.15.2-beta
