Author: Jérôme Legoupil 2016-03-28 09:19:42
Published on: 2016-03-28T09:19:42+00:00
Alice and Bob have a channel with 50BTC on each side. After some time, the channel ends up with 100BTC in Bob’s favour, leaving Alice with 0BTC in that channel. Alice then broadcasts the obsolete 50/50BTC commitment tx as well as her revocable tx. When Bob sees that, he broadcasts his breach tx, but it's not being picked up in blocks. Alice follows up by broadcasting (or privately sending to major pools) the tx : Alice 50BTC -> Alice 25BTC. She is offering miners to share Bob’s 50BTC with her. Alice has nothing to lose behaving this way since she had nothing left in the channel anyways.To defend against this attack Bob should do two things. First, Bob should not allow any of his channels to drop below some certain amount, like 10% or something, in order to keep some garanty from Alice, so she won’t have an incentive to behave maliciously. Unfortunately, this reduces the channels efficiency. Second, Bob should monitor the blockchain permanently and as soon as he detects an obsolete commitment that is confirmed, he should immediately broadcast his breach tx and he should assume Alice is offering miners to collude with her. Therefore, he should engage ASAP in a scorched earth policy by broadcasting a replace-by-fee CPFP tx to himself, offering Alice’s share to miners. He can increase the fee until it is picked up. He has an advantage over Alice during the contest period but his advantage diminishes as the contest period comes near the end. If he wins, Alice loses her 10%, but 10% may not be enough to outbid Alice and Bob may end up losing money. Bob has better chances to win at a lesser cost, the longer the contest period is. If the channel contains high values, the contest period could be chosen higher than usual at setup to make it more secure.It is not sure if this defense is really convincing, but that’s the best Jérôme could come up with.
Updated on: 2023-05-23T23:20:42.705996+00:00