199 sats \ 0 replies \ @midnight_orange OP 18 Nov 2022 \ parent \ on: Dark-LN Releases Preimage Stealer bitcoin
yes the main concern is someone paying an invoice successfully and then someone (maybe same person or other) paying that invoice again from another wallet.
another concern is if a payment looks stuck and making the payment again on another wallet.
if a payment fails and you make the payment again then you are fine.
there's a wormhole attack here too that users dont need to worry about too much it's mostly a router level attack
387 sats \ 1 reply \ @midnight_orange OP 17 Nov 2022 \ parent \ on: Dark-LN Releases Preimage Stealer bitcoin
No hacking involved. Lightning payments are locked to a secret (preimage) so if you know the secret then you can get the funds. This tool allows you to redeem payments by checking your storage to see if your nodes know that secret. A few cases like double payments and wormholes exist that this can be leveraged against to unlock funds that nodes normally don't act on.
This tool allows you to steal funds from nodes that attempt to pay an invoice a second time after the first succeeds. Soon we will add the wormhole attack in it so that routing nodes can get more money by shortcuting other routing nodes in the middle. You can safely run this and sit back and watch your node get more sats than it was getting before. There's also a mode that doesn't steal in case you want to see if you could have stolen funds.
GENESIS