From: ZmnSCPxj <ZmnSCPxj@protonmail.com>
To: Antoine Riard <antoine.riard@gmail.com>
Cc: Gleb Naumenko <naumenko.gs@gmail.com>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Time-dilation Attacks on the Lightning Network
Date: Mon, 08 Jun 2020 04:56:56 +0000 [thread overview]
Message-ID: <0c12JSDyiAy6W118uPNSz2mGj53mOB1a88HBgN5icKHMyUCIW3iCjuscuwQxpniW6sxEwLi51UujOXSwBhsWD3KmQlFBADJ5vRU0Xr1YUz0=@protonmail.com> (raw)
In-Reply-To: <CALZpt+FF0e1wSY5mBY-rVLQu4EGAjQefK9EQDCiExqMvKVc5UQ@mail.gmail.com>
Good morning Antoine,
> > Since the issue here is that eclipsing of Bitcoin nodes is risky, it strikes me that a mitigation would be to run your Bitcoin fullnode on clearnet while running your Lightning node over Tor
>
> We clearly mention that risk of running a Bitcoin node over Tor, where do we recommend running a LN node over Tor ?
Nowhere, *I* am the one recommending this.
Running both Bitcoin and Lightning nodes on clearnet automatically links them, making them easier to attack, whereas running Lightning on Tor does not.
Of course, they could still be linked by onchain transaction monitoring, but at least this increases the effort to attack, hopefully it becomes marginally less desirable to attack you.
On the other hand, you *could* run them on different public IP addresses, if you happen to have more than one; for those who do not even have a single public IP address there is no real choice if you want to let others to connect to you, Tor hidden service is the only Lightning-supported way to be accessible without a public IP.
(There are sections of the world where commodity "home" internet connections do not automatically get a public IP, and the privilege of getting one may be an additional cost; though of course if you have no real intent to help support either the Bitcoin or Lightning networks, you do not need a public IP anyway, and with IPv6 it becomes less and less likely that a randomly-chosen entity would be unlucky enough to not get a public IP.)
> > The victim *could* instead check that the absolute timelocks seem very far in the future relative to its own view of the current blockheight.
> I think you're right it's really dependent on CLTV_delta deployed on the path and time-dilation offset. The alternative you're proposing is a good one, but you shouldn't know where you're in the path and max CLTV is 2048 blocks IIRC.
Seeing an incoming payment that violates the max CLTV is a good indication you have been eclipsed.
On the other hand, if your Bitcoin node is eclipsed, then it seems likely your Lightning node is also eclipsed (if running over the same hardware) and you might not receive any indication over Lightning that you have been eclipsed anyway.
I suppose we need to identify just exactly *what* ways a node of either type can be eclipsed; it seems that mitigations that protect against one kind of eclipse will not work in general with other kinds of eclipse.
Regards,
ZmnSCPxj
next prev parent reply other threads:[~2020-06-08 4:57 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <2e8fba65-f7fa-4c37-a318-222547e25a06@Spark>
2020-06-03 16:20 ` [bitcoin-dev] Time-dilation Attacks on the Lightning Network Gleb Naumenko
2020-06-04 2:58 ` ZmnSCPxj
2020-06-05 10:10 ` Aymeric Vitte
2020-06-05 11:44 ` ZmnSCPxj
2020-06-05 15:41 ` Aymeric Vitte
2020-06-07 22:31 ` Antoine Riard
2020-06-08 4:56 ` ZmnSCPxj [this message]
2020-06-08 16:43 ` Aymeric Vitte
2020-06-10 23:34 ` ZmnSCPxj
2020-06-11 9:21 ` Antoine Riard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='0c12JSDyiAy6W118uPNSz2mGj53mOB1a88HBgN5icKHMyUCIW3iCjuscuwQxpniW6sxEwLi51UujOXSwBhsWD3KmQlFBADJ5vRU0Xr1YUz0=@protonmail.com' \
--to=zmnscpxj@protonmail.com \
--cc=antoine.riard@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=naumenko.gs@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox