Critical Vulnerability Information Vulnerability Type: Hashed Timelock Contracts (HTLCs) Affected Component: HTLC spending condition Description: HTLCs allow locking ecash tokens to either the hash of a preimage or a timelock. The preimage data is essential for spending the locked tokens and is included in the witness data. If an application depends on retrieving the preimage without knowledge of the spender’s private key, it must verify whether the mint supports this capability by querying the endpoint as specified in NUT-07. Potential Risks: - If the mint does not support this spending condition, proofs may be treated as standard anyone-can-spend tokens. - Applications must verify mint support for this feature via the endpoint to ensure secure token spending. Mitigation: - Applications should always query the endpoint to confirm mint support for the HTLC spending condition. - Ensure the application securely handles scenarios where the mint does not support this feature. - Leverage NUT-07 for preimage retrieval functionality. - Implement additional security measures, such as signature flags and multisig requirements, as outlined in NUT-11. Related Specifications: - NUT-10: Describes the well-known format - NUT-07: Endpoint for preimage retrieval - NUT-11: Signature scheme and additional security features