lightning-dev

Disclosure of a fee blackmail attack that can make a victim loose almost all funds of a non Wumbo channel and potential fixes

Disclosure of a fee blackmail attack that can make a victim loose almost all funds of a non Wumbo channel and potential fixes

Original Postby Jeremy

Posted on: June 20, 2020 23:13 UTC

Jeremy Rubin suggests that BIP-119 Congestion Control trees could be a solution to Lightning Protocol issues.

By bucketing a tree via a histogram of HTLC size, small HTLCs can live in a common CTV subtree and not interfere with higher value HTLCs. Sequencing can also prevent those HTLCs from getting long chains in the mempool until they're above a certain value. Antoine Riard discusses various solutions to vulnerabilities including capping commitment size, carving out outputs, dynamic dust limit, encoding all HTLC in some Taproot tree, and switching fees from pre-committed ones to a single-party, dynamic one. He also agrees with having a hint in their readme file about where and how people can disclose attacks and vulnerabilities.