Author: Anthony Towns 2015-10-19 05:30:03
Published on: 2015-10-19T05:30:03+00:00
In an email discussion, Anthony Towns highlights the sensitivity of the relationship between a network address and the lightning network address. Revealing a network address can lead to physical identity exposure, making it easy for denial-of-service attacks, and point of entry for targeted hacking to steal money. There are three ways to associate the information: (a) given a lightning id, cheaply work out the IP that provides it; (b) given an IP, cheaply work out the lightning id associated with it; (c) given an IP and a lightning id, confirm/deny whether that lightning id is provided by that IP. The email also discusses the different attacks that one could launch based on this information. For instance, if someone has a channel with you, figuring out their IP might let attackers monitor their TCP connections, which in turn would help them figure out your IP. The email discusses various other scenarios like theft, DoS, etc. It is suggested to implement the above-mentioned ways until there is a substantial number of lightning nodes (1000s).
Updated on: 2023-05-18T15:31:27.393754+00:00