Full Disclosure: CVE-2021-41591 / CVE-2021-41592 / CVE-2021-41593 "Dust HTLC Exposure Considered Harmful"



Summary:

A report has been released highlighting specification-level vulnerabilities affecting Lightning implementations, including c-lightning, lnd, Eclair, and LDK. The vulnerabilities could be exploited in a range of attacks, from fee blackmailing to stealing counterparty channel balances. They stem from the fact that the current BOLT specification only requires the dust limit on Alice's commitment to be under her channel reserve, allowing her to inflate the dust limit up to the implementation-defined maximum and cause substantial losses to Bob's funds. To mitigate these vulnerabilities, various solutions have been proposed, such as rejecting an estimated large dust limit at channel opening and defining a new configurable limit for maximum dust HTLC exposure.

The vulnerabilities have been known to some LN developers since Q1 2019, with Rusty Russell opening an issue against the specification in November 2019. Credit is given to Eugene Siegel for reporting the exploitation and contributing insights about attacks, while Bastien Teinturier and Matt Corallo provided numerous contributions to the development of mitigations.

In May 2020, a high-level attack scenario was published that highlighted the lack of a check on a counterparty's dust limit. This vulnerability was leveraged to successfully burn the majority of a targeted node's balance in fees during a test conducted in February 2021 against LND software. Following this, the maintainers of CL/LND/Eclair/LDK were notified and mitigations began to be developed on the LDK side. In July 2021, discussions arose around exploiting the trimmed-to-dust mechanism at `update_fee` reception. Mitigations were developed and released on the LDK side during August 2021, and the vulnerabilities were disclosed to other Lightning projects such as Muun wallet and Electrum.

During August 2021, there were also active discussions regarding the Bitcoin Core dust limit on the mailing list, which could have impacted the ongoing development of the mitigations. Despite highlighting the lack of well-defined communication processes across Lightning teams, developers from three different implementations actively participated in diagnosing the vulnerabilities and developing mitigations for long-standing specification issues affecting the whole Lightning ecosystem. A timeline of events is provided, including the opening of BOLT PR #894 covering the lack of verification of the counterparty's per-HTLC `dust_limit_satoshis`, the development of mitigations in LDK, and the submission of BOLT PR #919 covering the remaining vulnerabilities.
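To make the trimmed-to-dust mechanism and the proposed "max dust HTLC exposure" mitigation concrete, here is an added example that is not code from the disclosure or from any of the implementations named above. It models BOLT 3 non-anchor HTLC trimming and shows how an inflated counterparty dust limit or an `update_fee` bump pushes every HTLC into fees; the HTLC set, feerates and the `max_exposure_msat` / `max_dust_limit_sat` ceilings are constructed values chosen for illustration.

```python
# Added example: model of BOLT 3 HTLC trimming and a dust-exposure check.
# The ceilings and HTLC amounts below are constructed for illustration.

HTLC_TIMEOUT_WEIGHT = 663   # BOLT 3 weight of the HTLC-timeout tx (non-anchor)
HTLC_SUCCESS_WEIGHT = 703   # BOLT 3 weight of the HTLC-success tx (non-anchor)


def htlc_tx_fee_sat(weight: int, feerate_per_kw: int) -> int:
    """Fee of the second-stage HTLC transaction at the commitment feerate."""
    return (weight * feerate_per_kw) // 1000


def is_trimmed(amount_msat: int, offered: bool,
               dust_limit_sat: int, feerate_per_kw: int) -> bool:
    """BOLT 3: an HTLC is trimmed (paid to fees, no output) when its value
    minus the fee of its HTLC-timeout/success tx is below the dust limit."""
    weight = HTLC_TIMEOUT_WEIGHT if offered else HTLC_SUCCESS_WEIGHT
    return amount_msat // 1000 - htlc_tx_fee_sat(weight, feerate_per_kw) < dust_limit_sat


def dust_exposure_msat(htlcs, dust_limit_sat: int, feerate_per_kw: int) -> int:
    """Total value that would burn to fees if the commitment were broadcast now."""
    return sum(amt for amt, offered in htlcs
               if is_trimmed(amt, offered, dust_limit_sat, feerate_per_kw))


def exceeds_dust_exposure(htlcs, dust_limit_sat: int, feerate_per_kw: int,
                          max_exposure_msat: int) -> bool:
    """Mitigation: refuse to add the HTLC set / accept the fee update if the
    resulting trimmed value exceeds the node's configured exposure limit."""
    return dust_exposure_msat(htlcs, dust_limit_sat, feerate_per_kw) > max_exposure_msat


def accept_counterparty_dust_limit(dust_limit_sat: int, max_dust_limit_sat: int) -> bool:
    """Mitigation at channel open: reject a counterparty dust limit above a ceiling
    instead of only checking it against the channel reserve."""
    return dust_limit_sat <= max_dust_limit_sat


# Constructed pending HTLCs as (amount_msat, offered_by_us).
SAMPLE_HTLCS = [(500_000, True), (1_000_000, True),
                (5_000_000, False), (20_000_000, True)]

if __name__ == "__main__":
    print("normal dust limit, low feerate :", dust_exposure_msat(SAMPLE_HTLCS, 546, 253))
    print("inflated dust limit            :", dust_exposure_msat(SAMPLE_HTLCS, 100_000, 253))
    print("normal dust limit, fee bump    :", dust_exposure_msat(SAMPLE_HTLCS, 546, 50_000))
    print("reject 100000 sat at open      :", not accept_counterparty_dust_limit(100_000, 1_000))
```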


Updated on: 2023-06-03T06:11:59.289198+00:00