615 sats \ 3 replies \ @lopp OP 13 Feb \ parent \ on: I'm Jameson Lopp, co-founder of Casa, AMA! AMA
First I've heard of el-tor, will definitely have to investigate.
My initial concern would be that "high bandwidth" makes me worry that it may be more centralized or susceptible to timing attacks.
Given that it's such a new project, will want to see a lot of eyes on it before anyone considers it secure.
At a high level I do like the idea of incentivizing people financially to help improve privacy. Hopefully the characteristics of the network aren't limited by the level of Lightning adoption.
Hey Lopp,
With regard to timing attacks, it's a pretty well studied topic and a lot of good research is documented here - Thirteen years of Tor Attacks - https://github.com/Attacks-on-Tor/Attacks-on-Tor
Many of the timing attacks can be mitigated by incentivizing more independent individuals to run relays. The "High bandwidth" tagline is just simply the idea that more incentivised relay operators can lead to more overall bandwidth for the network. Currently the total aggregate bandwidth of the traditional Tor network is about 800 Gbit/s. My home network has gigabit fiber, so this number can probably be greatly increased and decentralized with a bitcoin incentive.
The Classic Relay Conundrum:
To go into more detail about timing attacks, one of the sneakiest attacks happens when the same person or entity controls both the entry and exit nodes of your Tor circuit. Imagine this: you're sending your data through a tunnel, but both ends of the tunnel are under the same roof. This setup allows for statistical correlation and timing attacks, where attackers can match traffic entering and exiting to de-anonymize users.
Current Mitigation Tactics:
Tor's defense? "Entry Guards." You pick a trusted entry node and stick with it for days, even months, betting on the hope that your entry and exit aren't controlled by the same malicious entity. But here's the catch - with only about 8,000 relays, many managed by NGOs/charities/maybe bad actors, the diversity isn't as robust as we'd like.
A Solution? More Individual Relays, Bigger Anonymity Set:
To beef up security, we could incentivize a broader range of individuals to operate relays. Imagine if running a relay got you paid. Suddenly, you've got a larger, more diverse set of nodes, making attacks harder to pull off. Plus, with more users jumping on Tor due to faster speeds, the anonymity set grows even larger. Adding techniques like data padding and latency padding, as suggested in various research papers, could further fortify Tor against these threats.
Lightning Network: Privacy in the Age of Speed
Switching gears to the Lightning Network, privacy is getting a boost with innovations like BOLT 12 and BOLT 11's blinded paths. These features blind the receiver's identity/path, making it tougher to track transactions. The Lightning Network's adoption is on an upward trajectory, but it's the unannounced channels and blinded paths that keep the growth under wraps, making monitoring and usage stats a challenge (which is good).
User-Friendly Innovations:
Tools like Alby Hub and Phoenixd are making Lightning more accessible. As these platforms evolve, they could significantly expand the user base, enhancing both privacy and usability. Plus, users already running Umbrel and Start9 are great candidates for earning sats by hosting a relay.
Check out the El Tor Specs here https://github.com/el-tor/eltord/tree/master/spec/
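An added illustration, not part of the original thread and not Tor or El Tor project code, of the entry-guard argument in the post above: a simplified model in which the adversary holds a fraction `f` of both entry and exit selection weight, comparing a fresh entry per circuit with one fixed guard. The function names, the equal-weight relay assumption and the sample figure of 400 adversary relays are constructed for the example.

```python
import random

def adversary_fraction(adv_relays, honest_relays):
    # Assumption: every relay carries equal selection weight.
    return adv_relays / (adv_relays + honest_relays)

def p_exposed_no_guard(f, circuits):
    # Entry and exit are re-drawn per circuit; each circuit is exposed with f*f.
    return 1 - (1 - f * f) ** circuits

def p_exposed_with_guard(f, circuits):
    # One fixed guard: exposure needs a bad guard (f) and at least one bad exit.
    return f * (1 - (1 - f) ** circuits)

def simulate(f, circuits, use_guard, trials=2000, seed=1):
    # Monte Carlo check of the closed forms above.
    rng = random.Random(seed)
    exposed = 0
    for _ in range(trials):
        guard_bad = rng.random() < f
        for _ in range(circuits):
            entry_bad = guard_bad if use_guard else rng.random() < f
            if entry_bad and rng.random() < f:
                exposed += 1
                break
    return exposed / trials

if __name__ == "__main__":
    # Constructed numbers: 400 adversary relays beside 7,600 honest relays
    # (8,000 total, as in the post), then beside 40,000 honest relays.
    for honest in (7600, 40000):
        f = adversary_fraction(400, honest)
        print(f"honest={honest} f={f:.4f} "
              f"no_guard={p_exposed_no_guard(f, 1000):.3f} "
              f"guard={p_exposed_with_guard(f, 1000):.3f}")
```

In this model a fixed guard caps a user's long-run exposure near `f` instead of letting it approach 1 as circuits accumulate, and adding honest relays lowers `f` itself.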
Tools like Alby Hub and Phoenixd are making Lightning more accessible. As these platforms evolve, they could significantly expand the user base, enhancing both privacy and usability.
Keep in mind that phoenixd is not a solution if privacy of the payments is important, see #866536