Author: Omer Shlomovits 2020-12-16 07:26:10
Published on: 2020-12-16T07:26:10+00:00
Omer recently shared his project on a traditional cyber security approach and its implementation in writing. The attacker model is intuitive, where an attacker attacks a machine that happens to run a lightning node, assuming channels security is sound. The attacked machine usually has security measures in place. The assumption is that the attacker does not necessarily achieve full control over the node but only some elevated access. The paper analyses the different scenarios and what an attacker can achieve. It suggests that due to the unique key structure and usage in lightning, it is not trivial for an attacker to profit from this situation as opposed to bitcoin where any access to key material equal profit to an attacker. The second part of the project offers a quorum-based design that mitigates the attacks using threshold cryptography. This is one viable solution, but there are tradeoffs that need to be discussed. One nice thing about this approach is that it allows re-using the existing watchtowers. The last part presents a simple bribing attack on the current watchtower design, and hand waves on how game theory shows that a quorum structure like theirs may provide a path to solving it.The link to the writeup is provided for further reading. The paper is written at a high level only so that readers can focus on the several new ideas mentioned above. The work is far from complete, as no formal security arguments are given, and real-world considerations like fee structure and parameters are avoided. Omer is looking for feedback on this project.
Updated on: 2023-06-03T03:29:39.087180+00:00