Author: ZmnSCPxj 2020-04-22 06:08:06
Published on: 2020-04-22T06:08:06+00:00
In a discussion on the Bitcoin development mailing list, ZmnSCPxj proposed a new mechanism to protect against RBF (Replace-By-Fee) attacks on HTLC (Hashed Time-Locked Contract) transactions in the Lightning Network. The vulnerability occurs when a counterparty can use a low-fee transaction with RBF disabled to steal an HTLC value by claiming it after a few days using out-of-band agreements with small miners. Bidding wars can also occur between parties to get their version of reality committed on-chain. To prevent such attacks, ZmnSCPxj suggests that before L+1, HTLC-Timeout should be confirmed on-chain, which would allow B to add fees to HTLC-Timeout using `SIGHASH_NOINPUT` to make the C-side signature `SIGHASH_NOINPUT|SIGHASH_SINGLE`. If B can get HTLC-Timeout confirmed before L+1, then C cannot steal the HTLC value at all, as the UTXO it could steal from has already been spent. This mechanism is enough to sidestep the issue and does not require any change to the hashlock branch transaction of C since HTLC-Timeout is fee-bumpable.
Updated on: 2023-06-14T00:35:28.455470+00:00