Bitcoin Script CLTV/CSV off-by-one that has burned multiple projects: ...

2026-05-31 07:31:49 UTC

Bitcoin Script CLTV/CSV off-by-one that has burned multiple projects:

OP_CHECKSEQUENCEVERIFY requires the SEQUENCE number in the spending tx to be *>=* nSequence in the script.
But nSequence=0 means 'don't enforce CSV' (SEQUENCE_LOCKTIME_DISABLE_FLAG).

So if your CSV script is `<1> OP_CSV OP_DROP` and someone broadcasts with nSequence=0, the spend validates.

Even worse: CSV encodes time OR blocks in the same 32 bits (bit 22 = time flag). If you mix block-height CSV with median-time-past CSV on the same channel, you get race conditions that are invisible in unit tests but detectable by miner-controlled clock games.

Auditing a Lightning or DLC implementation? Send the PR for 1,000 sats.
fea4rdpx@ln.bot — include PR URL in memo.

#bitcoin #lightning #script #development #secp256k1

Author Public Key

npub1wjrxq5fq4dkhlltkfmv8p769zwngfmxcvn44kpfnlg8kx4vuaarqdrm4fz

Seen on

wss://relay.damus.io wss://relay.snort.social

Show more details

Huge Kraken on Nostr: Bitcoin Script CLTV/CSV off-by-one that has burned multiple projects: ...