lightning-dev

Disclosure of a fee blackmail attack that can make a victim loose almost all funds of a non Wumbo channel and potential fixes

Disclosure of a fee blackmail attack that can make a victim loose almost all funds of a non Wumbo channel and potential fixes

Original Postby Antoine Riard

Posted on: June 18, 2020 08:40 UTC

The email thread discusses various solutions to address vulnerabilities in the Lightning Network, including "Flood & Loot" attacks and blackmail scenarios that rely on the update_fee mechanism and unbounded commitment transaction size inflation.

One proposed solution is to limit the number of HTLCs used by default in Eclaire and c-lightning to 30, while another involves a PR to Bitcoin core that would allow low fees and require the person claiming their outputs to pay fees. However, these solutions have limitations, such as not protecting against different types of pinning attacks. Other suggestions include not overpaying fees in commitment transactions, avoiding adding HTLCs for which the on-chain fee is higher than the HTLC value, and aggregating HTLCs in a Taproot tree. Furthermore, the thread acknowledges the need for fee bikeshedding to ensure the security of the Lightning Network and proposes adding a hint to the readme file for disclosing attacks and vulnerabilities. Finally, the thread references a past discussion on fee futures as another potential solution.