public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mark Friedenbach <mark@friedenbach.org>
To: Joseph Poon <joseph@lightning.network>
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [BIP-draft] CHECKSEQUENCEVERIFY - An opcode for relative locktime
Date: Thu, 13 Aug 2015 17:47:17 -0700	[thread overview]
Message-ID: <CAOG=w-vJ3DQdXoVfdyXPQXWCvS=ByW-CgqY50OEZYfQbxR5bMg@mail.gmail.com> (raw)
In-Reply-To: <20150813234213.GH2123@lightning.network>

[-- Attachment #1: Type: text/plain, Size: 2512 bytes --]

On Thu, Aug 13, 2015 at 4:42 PM, Joseph Poon via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> I haven't tested the details of this, but is there another bit available
> for use in the future for the relative blockheight?
>
> I strongly believe that Lightning needs mitigations for a systemic
> supervillan attack which attemps to flood the network with transactions,
> which can hypothetically be mitigated with something like a timestop
> bit (as originally suggested by gmaxwell).
>

This proposal includes no such provision.

Since we talked about it, I spent considerable time thinking about the
supposed risk and proposed mitigations. I'm frankly not convinced that it
is a risk of high enough credibility to worry about, or if it is that a
protocol-level complication is worth doing.

The scenario as I understand it is a hub turns evil and tries to cheat
every single one of its users out of their bonds. Normally a lightning user
is protected form such behavior because they have time to broadcast their
own transactions spending part or all of the balance as fees. Therefore
because of the threat of mutually assured destruction, the optimal outcome
is to be an honest participant.

But, the argument goes, the hub has many channels with many different
people closing at the same time. So if the hub tries to cheat all of them
at once by DoS'ing the network, it can do so and spend more in fees than
any one participant stands to lose. My issue with this is that users don't
act alone -- users can be assured that other users will react, and all of
them together have enough coins to burn to make the attack unprofitable.
The hub-cheats-many-users case really is the same as the
hub-cheats-one-user case if the users act out their role in unison, which
they don't have to coordinate to do.

Other than that, even if you are still concerned about that  scenario, I'm
not sure timestop is the appropriate solution. A timestop is a
protocol-level complication that is not trivial to implement, indeed I'm
not even sure there is a way to implement it at all -- how do you
differentiate in consensus code a DoS attack from regular old blocks
filling up? And if you could, why add further complication to the consensus
protocol?

A simpler solution to me seems to be outsourcing the response to an attack
to a third party, or otherwise engineering ways for users to
respond-by-default even if their wallet is offline, or otherwise assuring
sufficient coordination in the event of a bad hub.

[-- Attachment #2: Type: text/html, Size: 2977 bytes --]

  reply	other threads:[~2015-08-14  0:47 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-08-13 11:06 [bitcoin-dev] [BIP-draft] CHECKSEQUENCEVERIFY - An opcode for relative locktime Btc Drak
2015-08-13 18:12 ` Mark Friedenbach
2015-08-13 19:20   ` Gregory Maxwell
2015-08-13 23:42 ` Joseph Poon
2015-08-14  0:47   ` Mark Friedenbach [this message]
2015-08-14 18:53     ` Matt Corallo
2015-08-14 21:29       ` Mark Friedenbach
2015-08-14 22:24         ` Jorge Timón
2015-08-17 19:58 ` Btc Drak
2015-08-19 10:37   ` Jorge Timón
2015-08-19 16:21     ` Mark Friedenbach
2015-08-19 21:27       ` Joseph Poon
2015-08-19 21:32         ` Jorge Timón
2015-08-20 21:23         ` Peter Todd
2015-08-24  0:25       ` Tom Harding
2015-08-24  1:01         ` Gregory Maxwell
2015-08-24  2:23           ` Jorge Timón
2015-08-24  2:37             ` Mark Friedenbach
2015-08-25 22:08               ` Mark Friedenbach
2015-08-25 22:36                 ` Tier Nolan
2015-08-27 23:32                 ` Mark Friedenbach
2015-09-16 22:40                   ` Btc Drak
2015-09-16 23:23                     ` Eric Lombrozo
2015-09-17  4:23                       ` Mark Friedenbach
2015-09-18  1:21                         ` Rusty Russell
2015-09-17  7:43                   ` jl2012
2015-08-24  2:40           ` jl2012
2015-08-24  2:54             ` Mark Friedenbach
2015-08-24  7:00               ` jl2012
2015-08-25 10:15                 ` Btc Drak
2015-08-27  3:08                   ` Rusty Russell
2015-08-27 11:03                     ` David A. Harding
2015-08-27 12:29                     ` jl2012
2015-08-30 21:33                       ` Rusty Russell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAOG=w-vJ3DQdXoVfdyXPQXWCvS=ByW-CgqY50OEZYfQbxR5bMg@mail.gmail.com' \
    --to=mark@friedenbach.org \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=joseph@lightning.network \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox