Author: Matt Corallo 2019-12-10 02:05:31
Published on: 2019-12-10T02:05:31+00:00
The Lightning Network (LN) is a payment protocol built on top of Bitcoin that enables instant and cheap transactions. However, LN is vulnerable to Eclipse attacks, which can result in theft of funds. While Bitcoin Core has some protection against generic sybil-based Eclipse attacks, it is not sufficient in a model like Lightning where more is at stake from simple no-hashrate Eclipse attacks.It is crucial for Lightning node authors and operators to have multiple, redundant, trusted methods of receiving Bitcoin block data in a timely fashion. LN nodes using light clients as a backend are particularly vulnerable to Eclipse attacks since it would be easy for an attacker to run a swarm of them and control the blockchain view of this class of LN nodes.The article discusses two scenarios of Eclipse attacks on the base layer of Lightning, targeting the CSV security delay and per-hop CLTV-delta, respectively. To prevent such attacks, it is essential to have up-to-date blockchain data from multiple sources. Multiple countermeasures have been implemented to combat these attacks, but research should be done to ascertain their effectiveness.A practical solution would be to have multiple bitcoin full-nodes with multi-homing and doing reconciliation of blockchain views every N hour/minute. Another option would be to use the control plane as a safety mechanism. Despite concerns about the vulnerability of the system, LN implementation teams do not think funds are at risk since light clients have low-value channels right now, and it's not worth the attack setup. However, they acknowledge the issue on the long term for processing nodes.
Updated on: 2023-05-23T02:35:59.930374+00:00