-
br-m<kiersten5821:matrix.org> ok, i think this doesn't fix the problem, because the transfer function doesn't let you select inputs > <@jeffro256> monero-project/monero #10281
-
br-m<kiersten5821:matrix.org> so say a legitimate user did transfer, and the tx failed during the multisig step
-
br-m<kiersten5821:matrix.org> and then a new block comes
-
br-m<kiersten5821:matrix.org> and new inputs come in
-
br-m<kiersten5821:matrix.org> and then the transfer function picks entirely different inputs
-
br-m<kiersten5821:matrix.org> now you're bricked
-
br-m<kiersten5821:matrix.org> because you can't distinguish this and the malicious ca
-
br-m<kiersten5821:matrix.org> but you also can't make the transfer using the initial inputs
-
br-m<kiersten5821:matrix.org> separately, the vuln response process readme github.com/monero-project/meta/blob…r/VULNERABILITY_RESPONSE_PROCESS.md doesn't have a valid link to see the current pool available to pay bounties
-
br-m<jeffro256> Its kind of hacky, but you can freeze of all the other inputs , then transfer, then thaw them all