Published on: 2020-06-11T09:21:48+00:00
Antoine proposed an AltNet+Watchdog proposal in Core that covers the need for a driver framework to plug alternative transport protocols such as radio, DNS, LN Noise, and Tor's Snowflake. The proposal is more generic than just pure LN as privacy-concerned users may want to broadcast their transactions over radio.ZmnSCPxj suggested having a separate software daemon that performs de-eclipsing for Bitcoin full nodes. This deeclipser can use a plugin system and isolate the plugins from the main fullnode software. The P2P protocol can be used so that the fullnode run could be a non-Bitcoin-Core fullnode, such as btcd or rust-bitcoin.A recent discussion on bitcoin-dev highlighted the issue of running both Bitcoin and Lightning nodes on clearnet, which increases their vulnerability to attacks. Running Lightning on Tor could prevent linking, although there is still a possibility of being linked by on-chain transaction monitoring. It was also pointed out that running mixed Bitcoin and/or LN nodes in clearnet and Tor is not difficult for a Tor attacker to identify.The issue of eclipsing Bitcoin nodes being risky has been raised, with a recommendation to mitigate it by running a Bitcoin fullnode on clearnet and a Lightning node over Tor. Checking that absolute timelocks are far in the future compared to the current blockheight is another way to determine if an incoming payment violates the max CLTV. Different types of node eclipses require different mitigations.The research presented in the email thread discusses a time-dilation attack on concurrent transactions that use timelocks. The attack can be performed with just one channel to the victim. The suggestion is to run the Bitcoin node on clearnet and the Lightning node over Tor and connect to random Bitcoin full nodes or Electrum servers.The discussion in this context is about the proposal of a decentralized anonymizer network, which is different from the Tor network. The proposal suggests making a bridge between Tor and clearnet by running two full nodes on the computer. The Tor-fullnode can be used to propagate transactions, but the eclipse attacker can still attack all Tor exit nodes and block outgoing transaction traffic.The Tor network's dependence on a limited set of exit nodes weakens its security. However, Tor hidden services provide good within-Tor rendezvous points. One solution could be to make a bridge between Tor and clearnet by running two fullnodes on the computer. This method would help propagate transactions through the Tor-fullnode while maintaining privacy. However, the eclipse attacker could still attack all Tor exit nodes and block outgoing transaction traffic to perform eclipse attacks.In a discussion on bitcoin-dev mailing list, ZmnSCPxj suggested running Bitcoin fullnode on clearnet while running Lightning node over Tor to mitigate the issue of eclipsing of Bitcoin nodes. However, there is a risk of correlation between the Lightning node and the Bitcoin node when transactions are broadcast with the attached Bitcoin node. The idea of using Tor network for bitcoin was dismissed as it is based on a wrong postulate.The article discusses an attack on the Lightning Network that targets per-hop packet delay. The attacker routes via the victim, who should have at least two channels with the attacker. The article also suggests running a Bitcoin full node on clearnet while running a Lightning node over Tor as a mitigation strategy to prevent eclipsing of Bitcoin nodes.Gleb Naumenko and Antoine Riard have explored time-dilation attacks on Lightning and written a blog post and paper detailing their findings. The post discusses how an attacker can steal funds from LN users using time-dilation attacks. The authors demonstrate three ways the attacker can steal funds and discuss countermeasures which may increase the attack cost.
Updated on: 2023-08-02T02:20:47.539059+00:00