Disclosure: Fake channel DoS vector [combined summary]

• Disclosure: Fake channel DoS vector Bastien TEINTURIER 2023-08-28 07:14:21+00:00
• Disclosure: Fake channel DoS vector Antoine Riard 2023-08-27 22:08:22+00:00
• Disclosure: Fake channel DoS vector Matt Corallo 2023-08-27 18:00:49+00:00
• Disclosure: Fake channel DoS vector Antoine Riard 2023-08-26 12:03:24+00:00
• Disclosure: Fake channel DoS vector Matt Corallo 2023-08-25 19:30:45+00:00
• Disclosure: Fake channel DoS vector Antoine Riard 2023-08-24 23:33:04+00:00
• Disclosure: Fake channel DoS vector Matt Morehouse 2023-08-23 18:54:20+00:00

Published on: 2023-08-28T07:14:21+00:00

Summary:

The email exchange discusses Antoine's commendable work in finding an issue and thoroughly testing it against implementations. The importance of having more people involved in finding code issues is emphasized, with hopes that Antoine's work will encourage others to do the same. However, Antoine expresses frustration regarding the measurement of review contributions and argues that a purely quantitative approach is short-sighted. He raises concerns about the weak and non-consensual code of conduct introduced last year, which he believes brings severe vulnerabilities to the project. Antoine proposes changes to improve mempool monitoring and custom script support, highlighting the need for more qualified eyes in those areas.Antoine also mentions his decision to remove himself from the security-reporting list due to concerns about the code of conduct and its potential impact on the project's security handling and community process. He believes that consensus can be rebuilt in the future but expresses doubts about the weaknesses of Lightning as a protocol and network. Antoine argues that Lightning is fundamentally weak until package relay/nversion 3 is deployed and integrated into lightning implementations. He emphasizes the ongoing work on improving usability and the importance of taking security seriously.Matt acknowledges Antoine's review contributions but suggests that he hasn't reviewed a large volume of pull requests in LDK. He questions Antoine's lack of deep understanding of the project and defends the project's commitment to security. Matt highlights the efforts being made to make Lightning useful and usable and finds it strange that Antoine would speak for a project he doesn't closely follow.In summary, the email exchange showcases differing viewpoints between Matt and Antoine regarding their involvement and contributions to the LDK project. It touches upon issues related to code review, security, usability, and the future development of Lightning as a protocol.

Updated on: 2023-08-29T02:18:52.416362+00:00