New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate secret length in Bitcoin HTLC #416

D4nte opened this Issue Nov 14, 2018 · 0 comments


None yet
2 participants
Copy link

D4nte commented Nov 14, 2018

Currently, Alice could choose a secret longer than 32 bytes and lock ETH with it.
Then, when redeeming BTC, she can use this long secret to redeem BTC (no length check).
However, Bob will not be able to redeem ETH due to length check.


  • Update BTC HTLC to include a length check of the secret as part of the redeem branch
  • Add integration test with Bitcoin ledger that verify you cannot use a secret longer or shorter than 32 bytes

Child of #405.

@D4nte D4nte added the security label Nov 14, 2018

@D4nte D4nte changed the title Validate secret length Validate secret length in Bitcoin HTLC Nov 14, 2018

@D4nte D4nte referenced this issue Nov 18, 2018


Validate secret length in ETH&ERC20 HTLC #433

0 of 2 tasks complete

@D4nte D4nte added the icebox label Nov 22, 2018

@bonomat bonomat added groomed and removed icebox labels Dec 12, 2018

@D4nte D4nte added sprint-backlog and removed groomed labels Dec 12, 2018

@D4nte D4nte added this to the Sprint 3 milestone Dec 12, 2018

@D4nte D4nte self-assigned this Dec 17, 2018

@D4nte D4nte referenced this issue Dec 18, 2018


Check Secret Length in Bitcoin HTLC #586

1 of 1 task complete

@wafflebot wafflebot bot added review and removed work-in-progress labels Dec 18, 2018

@mergify mergify bot closed this in #586 Dec 21, 2018

@wafflebot wafflebot bot removed the review label Dec 21, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment