Erick λ
Erick λ
We have this workaround because currently the only implementation that doesn't require the payment secret on decoding bolt11 is LND. They have plans to require it, so soon we won't...
I was doing differential fuzzing on lightning P2P messages and noticed that `LND` doesn't verify if the length of SCID TLV is correct or not causing it to parse messages...
Final nodes should reject payments that include `short_channel_id` in their payload, as this field is only meaningful for forwarding nodes. While BOLT 4 specifies that writers MUST NOT include `short_channel_id`...
During differential fuzzing between C-lightning and rust-lightning, discovered that C-lightning incorrectly accepts offers with offer_currency set but offer_amount missing, while rust-lightning rejects them. The BOLT 12 specification states in "Requirements...
Differential fuzzing across Lightning implementations revealed inconsistent handling of bech32 padding in BOLT 12 offers. Some implementations enforce BIP-173's 4-bit padding constraint while others not. - Lightning-kmp and Eclair enforce...
The BOLT 12 specification doesn't explicitly address how to handle an `offer_chains` field that is present but contains zero chain hashes. Currently the spec defines: - Field omitted: Bitcoin only...
Eclair fails to validate fallback addresses in BOLT 11 invoices and incorrectly parses invoices that should be rejected. During invoice decoding (parsing a BOLT 11 string), the flow is: 1....
`unwrapPacket` passes the full 2600-byte `hopInfo` buffer to `DecodeHopPayload`, but only the first 1300 bytes contain routing info. The remaining 1300 bytes are zero-padding used for XOR decryption. A malformed...