Vaulting (Was: Automatically reverting ("transitory") soft forks)
Summary:

The email thread discusses concerns about the security assumptions of CTV-based vaults. The author suggests that an attacker who has stolen the hot key can simply wait for the user to unvault their funds and then race or outspend the user's transaction with their own. This is what is expected to happen in the dark forest. The security assumption of CTV-based vaults is that one must never withdraw more than one's hot wallet risk tolerance, so this attack makes the situation no worse than the hot wallet key being stolen immediately after a withdrawal. The practical consequence of this attack is that if the hot wallet key is stolen, all CTV outputs must be rotated, and CTV outputs must never be larger than the hot wallet risk tolerance amount. These limitations are frustrating, but they are not security limitations. Additionally, there are issues related to fee management that would likely benefit from a less constrained covenant design. The author notes that they have always been in favor of a less constrained covenant design for ten reasons, but that this is a separate topic from the current discussion.


Updated on: 2023-05-22T19:38:08.124419+00:00