Author: ZmnSCPxj 2022-11-28 11:50:45
Published on: 2022-11-28T11:50:45+00:00
In a discussion on the Lightning-dev mailing list, concerns were raised about the potential for denial-of-service (DoS) attacks on the Lightning Network. The issue arises from the use of credentials, which are used to prevent DoS attacks by allowing only one-time creation of a single HTLC. The concern is that malicious nodes could become clients of other Lightning Service Providers (LSPs), harvesting their tokens and then using them to launch wide attacks on the network, thereby reducing the reputation of competitor LSPs. However, it was pointed out that credential tokens are blinded, so forwarding nodes can't use them to determine the origin of payments, making blaming another node impossible.The response to this is usually to attack the mitigation, but it was suggested that this would not be economically rational if forwarding nodes charge a large enough fee on successful resolution of payments. In addition, it was noted that jamming attacks require that attackers tie up their funds on Lightning too, sacrificing opportunity costs in forwarding fees. Therefore, while such attacks could impose costs on others, the attacker would also lose a substantial amount in terms of lost opportunity to earn forwarding fees. It was also suggested that clients who help many other clients make successful payments may receive more credential tokens than they'll ever need. By allowing the LSP to instead use those tokens for other clients, it's possible for later clients to avoid paying for credential tokens, equivalent to free upfront fees. As long as the LSP can prevent a client from using too many tokens and requires the client to pay other inescapable costs, it shouldn't be possible for a competitor to substantially drain the token capital of an LSP without losing a substantial amount of its own money.
Updated on: 2023-06-03T10:41:03.941759+00:00