Re: [bitcoindev] Demonstrating Pinning Attacks under Real-World Conditions

[Antoine Riard <antoine.riard@gmail.com>]

[-- Attachment #1.1: Type: text/plain, Size: 8997 bytes --]

Hi waxwing,

Thanks for the idea of writing some gist, yes it's worthy to explain 
step-by-step if there are volunteers.
We did at least once such "blackbox" testing of attacks affecting lightning 
implementation for the dust
outputs inflation vuln, and since then the few skilled devs who knows how 
to set correctly lightning+bitcoind
nodes are usually very busy.

Yes, usually for Core it's sticking to the transaction-relay / mempool 
defaults, as it's how the lightning specs
are mostly written.

For the other questions:
amount in channel - does not really matter as long as you can do few non 
dust outputs (i.e above `GetDustThreshold`)
how many channels - only two are necessary for all the pinning kind of 
stuff, maybe one more to rebalance the liquidty accordingly
should volunteers have channels with each other? is there any aspect of 
topology you require? - no, for the simple scenario it's only a routing 
node setup
network connectivity - no Tor connections doesn't play to test the easy 
scenarios.

If you wish to catch-up a bit on all those attacks, see that years-old gist 
of mine which was
documenting a bit transaction-relay jamming: 
https://gist.github.com/ariard/7e509bf2c81ea8049fd0c67978c521af

After browsing it again, a lot of the stuff is still actual, the only big 
thing missing is
the replacement cycling attack. That one I still have remorses towards the 
whole bitcoin community
to not have caught it back at the time in 2020, and that it took me 2 more 
years to find it.

Best,
Antoine
ots hash: fbbc40b46cdf7c2877b5e2720519fd3dcaa99dbd1ac96ac5cbd0c08f0c3e94e5
Le vendredi 11 octobre 2024 à 16:23:47 UTC+1, waxwing/ AdamISZ a écrit :

> Antoine,
>
> Perhaps it would be an idea to write a gist or some other public facing 
> page with what you need from volunteers, so it's kind of step by step?
> Unlike Peter in this thread, I think most people would want/have to set up 
> new nodes to do this.
>
> You have said: Current and default installs of Core/btcd + lnd/cln/ldk . I 
> know that e.g. Core has some pretty non-trivial choices but I guess we can 
> stick religiously to whatever is default.
>
> But other details like:
> amount in channels - does it matter?
> How many channels? Channels of specific types (thinking e.g. unannounced)
> Should volunteers have channels with each other? is there any aspect of 
> topology you require?
> Network connectivity - I guess it's not important, but just in case worth 
> mentioning, e.g. should/should not use Tor etc.
>
> Forgive me if some of the questions are ignorant, I have not paid a ton of 
> attention to the discussion around these attacks.
>
> waxwing/AdamISZ
> On Thursday, October 10, 2024 at 6:29:02 PM UTC-6 Antoine Riard wrote:
>
>> Hi all,
>>
>> > If you have an on-chain donation address on the OTS website (?), I'll 
>> make a
>> > $100 donation now, it's a nice tool. And for the justice 
>> transaction...well
>> > for some scenarios you can use the latest valid commitment state to pin 
>> no risk
>> > of being slashed by a justice transaction.
>>
>> Been late on demonstrating a real-world pinning attack against a 
>> production lightning
>> node. But I swear it's real sport having to jungle with more than one 
>> category of
>> exploit to soundly test.
>>
>> OTS is a great project. I'll make a donation to it of 1 gram of gold or 
>> the equivalent
>> in fiats or satoshis at settlement (as $100 sounds to be almost equal to 
>> 1 gram of gold,
>> i.e $84.66 those days) for each month late on doing a demonstrationg of 
>> real-world pinning
>> attack, as a lateness penalty.
>>
>> Beyond it's a great tool to make notarization of any kind of digital 
>> info, inside the
>> chain where for every block there are probably two-digit terawatt hours 
>> burnt, which
>> starts to be a f*cking lot of hydro power plants.
>>
>> More generally, I called since late 2020 at least for making real-world 
>> demonstration
>> of pinning attacks against lightning nodes, among others types of 
>> cross-layers attacks,
>> At the exception of 2 ligthning protocol devs if my memory is correct, 
>> all the others
>> ones since then have shunned away from participating in a real-world 
>> demo, and Peter
>> Todd was the first one to consent and make available a lightning node 
>> available for
>> real-world demos in a "black box" fashion (indeed, it's far easier to 
>> execute exploits
>> on testing envs fully set by the researcher...).
>>
>> In the future, I believe it can only be great if bitcoin security 
>> exploits are gauged
>> more or less on the lines of artifacts available, evaluated and 
>> reproduced, as done 
>> usually by major infosec confs.
>>
>> Best,
>> Antoine
>> ots hash: 9d227f7832154c4c8bce9fce260ac84537489c1bc8c4b8c2ba990ceb197c84fc
>> Le mardi 3 septembre 2024 à 21:13:46 UTC+1, Antoine Riard a écrit :
>>
>>> > That also happens to be my Alice OpenTimestamps calendar, in 
>>> production, so
>>> > please don't do anything you expect to be CPU or RAM intensive. But if 
>>> you
>>> > accidentally take down the server, not the end of the world: OTS is a 
>>> very
>>> > redundant protocol and one calendar going down for a few hours is 
>>> unlikely to
>>> > do any harm.
>>> > 
>>> > It has about $400 of outgoing capacity at the moment, and $2000 
>>> inbound. It
>>> > gets hardly any donations at the moment, so if you manage to knock LND 
>>> offline
>>> > that's no big deal.
>>> > 
>>> > That's not my money - it's donations to the OTS calendars that I have 
>>> no right
>>> > to spend - so I'll ask you to pay for any expenses incurred by it 
>>> during
>>> > testing, and make a $100 net donation when you're done testing to make 
>>> it
>>> > worthwhile for the OTS community. If you manage to lose more than that 
>>> on
>>> > justice transactions, I'll consider that a donation. :)
>>>
>>> Many thanks Peter for that.
>>>
>>> No worries, I won't play with CPU or RAM, it's just all the 
>>> transaction-relay
>>> and mempool logic that one can interfere with. I'll make you whole of 
>>> the $2400
>>> if the LND node goes down too hard, though I'm just looking for a node 
>>> running
>>> on mainnet, for a pinning the attacker has two open to channels and 
>>> re-balance
>>> the liquidity at its advantage a bit. I'll provide the liquidity by 
>>> myself.
>>>
>>> If you have an on-chain donation address on the OTS website (?), I'll 
>>> make a
>>> $100 donation now, it's a nice tool. And for the justice 
>>> transaction...well
>>> for some scenarios you can use the latest valid commitment state to pin 
>>> no risk
>>> of being slashed by a justice transaction.
>>>
>>> Best,
>>> Antoine
>>> ots hash: 
>>> 19d9b61ed5238e2922205a0a0194e0830b260a691f45b4189b1d145f72c9e031
>>>
>>> Le mar. 3 sept. 2024 à 13:58, Peter Todd <pe...@petertodd.org> a écrit :
>>>
>>>> On Tue, Aug 27, 2024 at 02:10:15PM -0700, Antoine Riard wrote:
>>>> > My utmost pleasure to demonstrate some pinning attacks on nodes under 
>>>> > real-world conditions.
>>>>
>>>> Antoine Riard: until Oct 1st, you have permission to test your attacks 
>>>> against
>>>> my Lightning node running at:
>>>>
>>>>     023345274dd80a01c0e80ec4892818878...@alice.opentimestamps.org:9735 
>>>> <http://023345274dd80a01c0e80ec48928188783f9bc5281be8f5057c050492f10711a5b@alice.opentimestamps.org:9735>
>>>>
>>>> That also happens to be my Alice OpenTimestamps calendar, in 
>>>> production, so
>>>> please don't do anything you expect to be CPU or RAM intensive. But if 
>>>> you
>>>> accidentally take down the server, not the end of the world: OTS is a 
>>>> very
>>>> redundant protocol and one calendar going down for a few hours is 
>>>> unlikely to
>>>> do any harm.
>>>>
>>>> It has about $400 of outgoing capacity at the moment, and $2000 
>>>> inbound. It
>>>> gets hardly any donations at the moment, so if you manage to knock LND 
>>>> offline
>>>> that's no big deal.
>>>>
>>>> That's not my money - it's donations to the OTS calendars that I have 
>>>> no right
>>>> to spend - so I'll ask you to pay for any expenses incurred by it during
>>>> testing, and make a $100 net donation when you're done testing to make 
>>>> it
>>>> worthwhile for the OTS community. If you manage to lose more than that 
>>>> on
>>>> justice transactions, I'll consider that a donation. :)
>>>>
>>>> -- 
>>>> https://petertodd.org 'peter'[:-1]@petertodd.org
>>>>
>>>

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/2cf86d38-848c-4ead-a3a2-bc219d241f64n%40googlegroups.com.

[-- Attachment #1.2: Type: text/html, Size: 10940 bytes --]