Attack 1. Bad guys maneuver themselves into key positions in LN and then suddenly turn off their nodes. Result: LN will experience problems for a short time until somebody opens new channels to fix the problem. Also it's not like maneuvering into key positions is an easy feat to accomplish.
Attack 2: Bad guys open a $100 channel, pay $100 to their other node but then close the $100 channel pretending that they never paid the $100. Watchtowers must slash the bad guys. The point of the paper is that if the bad guys do this a lot and if the watchtowers are not ready to pay higher fees then some stupid watchtowers might fail to slash before the deadline. This raises 2 questions:
So basically this is the same as Flood and loot described in some paper 1 or 2 years ago.
Yes, and authors say
The exploited mechanisms partially differ from those used by the attacks presented in this paper, since we do not make use of multi-hop payments, but rather direct channels between nodes.
Translation from academic: we confirm Flood & Loot scheme. However, this attack was being discussed once with Anton Kumaigorodsky who was quite skeptic about attack trade-offs by itself. Attacker has to spend a lot of money to cause congestion and after attack the outcome is not clear.
Looking deeper into history there where 3 papers about LN attacks which released simultaneously, these are:
📍 Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks 📍 Flood & Loot: A Systemic Attack On The Lightning Network 📍 Time-Dilation Attacks on the Lightning Network
Are node operators supposed to run their own watchtowers? Or, do you pay a third party to manage a watchtower for you? I think I'm not understanding where a watchtower sits in the lightning network.
IMO there's not much to see here.
Attack 1: If a set of zombie nodes stop operating in the lightning network, the network can be severed. If you coordinate it for maximum impact, the time it would take for all the affected parties to close their channels and open them with non-zombie nodes would be longer than the channel closing locktime because of chain congestion.
Attack 2: If you close a channel with an old state, the other party can submit a follow up transaction to take all of the funds in the channel. This doubles the amount of chain congestion you can cause. And if you can cause enough congestion, maybe you can close some channels with old states because the other party can't get their revocation tx added in time. Thus allowing you to double spend the coins.
Not too worried. The first attack boils down to throwing away a central position in the network and gaining nothing.
The second attack is like launching your money in the air and hoping in the commotion that you find a sat on the ground.
From my understanding, it's a DDoS attack that must be executed during a high fee event.
Attackers create multiple LN channels before the attack, bait people to route balance in the channel from them, then wait until a congestion happen and double spend their balance.
This will force their honest LN partners to force close the channels, at the cost of 1 onchain tx per partner, during a congestion.
what's the eli5 on this?