Author: m.a.holden 2019-04-06 02:40:25
Published on: 2019-04-06T02:40:25+00:00
The Lightning Network's gossip protocol has been the subject of discussion regarding how nodes filter incoming information and whether they leak hints about what they store. The proposal suggests that nodes probabilistically filter incoming information or signal their peers to do so based on the filter given to them by the broadcaster. The default filter is a bit-mask for the depth of the quadtree matching the node's PKH. Nodes will forward information about any channel that has one or both nodes matching the bit mask, and both of the nodes for every channel.However, this commitment comes with limits, and it is not assumed that a node will know everything about its local topology. Nodes could advertise that they support a feature and then make no commitment to following it. There is concern that openly broadcasting knowledge of other nearby nodes makes them targets for DDoS attacks, but disrupting specific nodes does not necessarily disrupt other users.To prevent unwanted gossip information from being sent/received, it is suggested to always fail fast instead of admitting ignorance, and to automatically fail queries about nodes or channels outside of a specified bucket. The proposed mitigation strategies include detecting specific targeting based on information size before and after spilling, setting a low threshold on the minimum expected saving from spilling and taking countermeasures if the threshold is not met.The proposed quadtree approach involves a global tree with each node having a bucket and exactly four child nodes, except for leaves. The tree has a maximum depth that each client sets itself with the theoretical maximum being HASHLEN/2. The quadtree can be looked at from the perspective of a circle with each bucket represented by an arc of size 2pi/(4^depth). Each node commits itself to storing an arc of this circle and possibly various other nodes it happens to be directly connected to that may be far from the arc near it.The proposed distance measurement strategy maps the LN universe onto a circle and proposes using set interval ranges based on powers of 4. The node picks the range which its PKH fits into, rather than the range being centered on the node. It is argued that while different from an arbitrary distance k (arc size 2*k? ), they're not too dissimilar in the kind of distance covered. Brute-forcing the prefixes that minimize the distance between themselves and the target is suggested as a trivial task.The proposed attack involves unbalancing the octree such that one octant has a far larger number of nodes inside it than the other octants. Once the number of nodes that hold that octant drops, targeted DDoS attacks on the remaining octant-mapping nodes are executed, making the octant hard to access for 7/8 of the network. However, there are no "octant-mapping nodes." Every node knows about every channel from its own bucket to other buckets, and the target of a DDoS would essentially be the entire bucket to try and completely isolate it. Probabilistic approaches are proposed for committing to being more likely to know nodes near to them, than nodes that are not near to them. The article also suggests other gossip strategies, such as friend-of-a-friend-of-a-friend type gossip in addition to the quadtree proposal. Overall, there are potential useful optimizations in this approach that cannot be achieved with others, but if there are unresolvable problems with the idea, the focus will shift towards alternative approaches.
Updated on: 2023-06-02T18:13:19.161978+00:00