Author: Joost Jager 2019-04-09 09:14:08
Published on: 2019-04-09T09:14:08+00:00
In a recent pull request on GitHub, the Lightning Network's incorrect_or_unknown_payment_details failure message was extended with an htlc_msat field to replace the previous incorrect_payment_amount message. This change was made to prevent a probing attack that allowed an intermediate node to determine the final destination of a payment. However, a question was raised about whether the same change should be applied to the cltv expiry. Currently, lnd returns a final_expiry_too_soon message if the htlc expiry does not meet the invoice cltv delta requirement. This could also be used for probing by using low expiry values. The proposed change would be to return an incorrect_or_unknown_payment_details failure message (with a new htlc_expiry field) when the htlc expiry does not meet the invoice cltv delta requirement. This change would help prevent probing attacks and enhance the security of the Lightning Network.
Updated on: 2023-06-01T18:10:01.691710+00:00