DoS: Fake Lightning Channels \ stacker news ~bitcoin

DoS: Fake Lightning Channels morehouse.github.io/lightning/fake-channel-dos/

2395 sats \ 8 comments \ @k00b 24 Aug 2023 bitcoin

100 sats \ 0 replies \ @sime 24 Aug 2023

There was a rush in April for everyone to update lightning nodes.

https://twitter.com/callebtc/status/1651646721200365589 https://twitter.com/alexbosworth/status/1651795740849741825

Now we know why :)

100 sats \ 1 reply \ @WeAreAllSatoshi 24 Aug 2023

This is a good example of why running a lightning node is nontrivial and carries risk. It’s definitely not set it and forget it. You’ve gotta stay on top of it, monitor for new updates, especially for security issues like this one.

100 sats \ 0 replies \ @sime 24 Aug 2023

I often think about if every home could have Lightning Node.

Things like this worry me.

Although my experience is minimal, I wonder if a regular joe node that only did private channels and not accepting new channels would mitigate this particular threat.

But the remote peer(s) would know about the private channel and could potentially attack joe.

10 sats \ 4 replies \ @C_Otto 24 Aug 2023

I can't find the fix in lnd's git. Could you point me to it?

10 sats \ 3 replies \ @Bitman 24 Aug 2023

Update from the March version that was mentioned.

0 sats \ 2 replies \ @C_Otto 24 Aug 2023

Which commit?

111 sats \ 1 reply \ @shibe 24 Aug 2023

https://github.com/lightningnetwork/lnd/commit/3f6315242a7ceb160c12f6997f5c020362424877

10 sats \ 0 replies \ @C_Otto 24 Aug 2023

Thank you. Sneaky...