pull down to refresh

Can someone explain the recently-found LN security flaw in simple terms?
4451 sats \ 12 comments \ @MattInTech 23 Oct 2023 bitcoin
Hi guys, I was reading some stuff about the LN security flaw that everyone is talking about (https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-October/022032.html) but found it quite technical and difficult to understand.
While I take some time to read all relevant documentation (will list it below), is there anyone patient enough to explain in very simple terms what happened, and what the security issue is about? I couldn't find good articles around, if you have interesting material please post it below!
Additional resources: https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf https://arxiv.org/pdf/2006.08513.pdf https://github.com/ariard/bitcoin/commits/2023-test-mempool https://github.com/lightning/bolts/pull/772
write
preview
related posts
2609 sats \ 3 replies \ @TonyGiorgio 23 Oct 2023
The best resource visualized: https://www.nobsbitcoin.com/how-does-a-lightning-replacement-cycling-attack-work/
Explained simply:
Imagine papercliping garbage to a legal bill, but then the whole thing gets thrown out because of it. So a new bill is proposed but the attacker paperclipped more garbage to it and it doesn't pass again. Eventually it is no longer possible to submit the bill and attackers win.
In this case the bill is your in flight payment that you're trying to redeem on chain before the timeout.
reply
92 sats \ 0 replies \ @go 23 Oct 2023
Thank you
reply
21 sats \ 0 replies \ @oraltosun 23 Oct 2023
Nice explanation.
reply
0 sats \ 0 replies \ @brandonsbytes 23 Oct 2023
deleted by author
reply
56 sats \ 1 reply \ @knorozov 23 Oct 2023
Latest Rabbit Hole Recap episode addressed it.
reply
120 sats \ 0 replies \ @MerryOscar 23 Oct 2023
https://fountain.fm/episode/eqkU58CL31KmJiKOshFD
reply
111 sats \ 0 replies \ @om 23 Oct 2023
There's a stupid mempool thing that if you have transactions X, Y and Z such that X conflicts with Y and Y conflicts with Z, then X could be ousted by Z even if they don't conflict. It goes like this: Y replaces X, then X is thrown out of mempool, then Z can replace Y.
In very specific circumstances this can be used maliciously to block somebody from posting a transaction. LN assumes that everybody is able to post a transaction within a certain time from the moment they desire to do so, but this assumption is invalidated by the attack.
In the specific case of LN, LN nodes can avoid the issue by scanning the mempool. But IMHO the mempool behaviour is the thing to fix.
reply
0 sats \ 0 replies \ @w0nderl4nd 25 Oct 2023
Interesting to check out: https://bitcoinmagazine.com/technical/postmortem-on-the-lightning-replacement-cycling-attack
As my father used to say: 'Sometimes what seems like a tidal wave is just a fart in a bathtub'.
reply
253 sats \ 3 replies \ @Zepasta 23 Oct 2023
deleted by author
reply
21 sats \ 1 reply \ @nicosey 23 Oct 2023
Storm in tea cup?
reply
366 sats \ 0 replies \ @dieselbaby 24 Oct 2023
Hardly. I think the people who are trying to downplay this are engaging in a bit of copium, to be honest. There are many issues with the lightning network that people are keen to ignore and not discuss, I think it's actually quite a serious issue (the lack of discussion/willingness to engage in anything remotely bordering on self-criticism or critique in an honest way) in the bitcoin community that we need to talk about more often.
That said, aside from the aforementioned other issues (which there are plenty of; just outside of the scope of this particular post/thread), one of the more well-known bitcoin core/lightning network devs (who I understand is someone well-regarded and respected within that sphere of people) has decided to no longer be doing dev work for lightning because of this. I think that's worrying enough to merit concern.
reply
0 sats \ 0 replies \ @brandonsbytes 23 Oct 2023
deleted by author
reply