Author: airam at gta.ufrj.br 2022-08-09 21:44:35
Published on: 2022-08-09T21:44:35+00:00
On 26 July 2022, a discussion took place on the Lightning-dev mailing list regarding the rate-limiting of onion messages in the Lightning Network. The discussion involved various developers and experts in the field and revolved around the proposed scheme for preventing spamming of onion messages.The proposal was based on "backpressure," which applies pressure backwards to nodes that generate traffic above a certain limit. One question raised during the discussion was why the same scheme cannot be applied to HTLCs (Hash Time-Locked Contracts). It was pointed out that the HTLC DoS is fundamentally different from onion message spamming because the culprit is not always upstream, and backpressure cannot work.Another concern raised was the possibility of an attacker exhausting or reducing targeted onion communication channels to prevent invoices exchanges between LN peers. However, this was addressed through the proposed scheme.The discussion also shed light on how the scheme works and its limitations. A simple single node simulation was conducted to demonstrate its effectiveness, and it showed that spammers are eventually throttled down while legitimate user packets keep being handled. However, it was noted that once a legitimate user hits the rate-limit, it becomes easier to hit it again, leading to a down-spiral effect. This can be mitigated by picking a long enough delay before retrying.In conclusion, the discussion on the Lightning-dev mailing list highlighted various concerns and considerations regarding the rate-limiting of onion messages in the Lightning Network. While the proposed scheme appears to be effective against spamming, its limitations and potential downsides were also discussed.The email discussion on the Lightning-dev mailing list suggests that tighter message rate limits are needed to prevent spam. However, there is currently no backpressure created on incoming channels to lower the `max_pending_htlc` limit dynamically. The idea of extending this approach to combat short-lived htlc spam is also discussed. The email was sent by Lucas Airam C. de Souza, a M.Sc. student at GTA/PEE/COPPE at the Universidade Federal do Rio de Janeiro.
Updated on: 2023-06-01T19:07:39.009424+00:00