Author: Matt Corallo 2015-08-14 18:53:59
Published on: 2015-08-14T18:53:59+00:00
In a bitcoin-dev discussion, Joseph Poon suggested that Lightning needs mitigations for a systemic supervillain attack, which could be handled by a timestop bit as originally suggested by gmaxwell. However, Mark Friedenbach doesn't think the risk is high enough to worry about and a protocol-level complication isn't worth doing. The scenario in question involves a hub turning evil and trying to cheat every single one of its users out of their bonds, but since a lightning user has time to broadcast their own transactions spending part or all of the balance as fees, they are protected from such behavior. The optimal outcome is for users to be honest participants. Even if users are still concerned about this scenario, a simpler solution would be outsourcing the response to an attack to a third party or otherwise engineering ways for users to respond-by-default even if their wallet is offline, or otherwise assuring sufficient coordination in the event of a bad hub. However, if a former-hub is a miner with enough hashrate to get one or three blocks in the next day, it can claim the last 1% of many of the transactions that take longer than a day to confirm, even if users pay huge fees.
Updated on: 2023-05-19T21:31:25.523803+00:00