Topic: Lightning Network Observer - page 20. (Read 13809 times)

Damnit.  Stop your silly going on about this.

It is a LONG time before anyone gives a damn about a millisat!  A long time as in perhaps FOREVER.

SIXTY THOUSAND millisats is still only a PENNY in USD value.

You are barking on about people giving up FAR less than a penny when rounding down on a channel close. 

Every time that channel goes over another 1000 millisats, the receiving side has earned another 1 SAT.  Locked in.  Will settle. 

Would anyone be concerned that a channel that has been active for weeks, months, or years has to give up less than 1/500th of a penny in value when it closes?

No.  The answer is no.  And it will always be no.  And you are so wrong it hurts.  Or maybe just a good troll.  OK, I mean it this time.  Ignored.

I'm not; your scenario is: malicious software wallet can steal user funds.
That is true on Bitcoin L1, too, through seed exfiltration by API call.

your silly crap about what happens o someones computers hard drive.. is completely differnt to protecting someones payment on the network

i dont are if your wife decides to hack your wallet file and then divorce you. thats between you and your wife in your house where you should be using passwords

its about the protection of PAYMENTS between users on a crypto- network
ensuring people on a crypto network  network get paid and not able to abuse each other

do you know why crypto/blockchains were invented. yep electronic payments systems to allow payments over the internet in a way thats more secure then using a custodian, middle man, partner.. to then not need such other people managing or messing with payments before you can settle/be confirmed that you have it. an no one else can cheat it

again you are avoiding the actual scenarios ..

have you learned nothing in the last year about al the crap about the stablecoin, custodian  and sidechain fiascos this year alone

if you want to not thingk there is a problem where by networks should be left with crap security then so be it you carry on using those networks

ill stick with bitcoin which does check payments before putting into blocks to ensure transactions do have a UTXO backing the tx. and when confirmed (received) the recipient knows its done and complete and not a "maybe" or "what if"

you cant say the same about LN

so last time i will say it
knowing you "think" there is no network problem(in your mind) with LN
is where i see the problem with people like you. you lot are too utopian dreamy kiss assy promoters trying to sway people into your insecure network by pretending its better than bitcoin but then leaving those users at risk and blaming them if things go wrong.

your favoured network and favoured buddy group are the problems that give crypto a bad name.. so please do one thing

stop subtly trying to make people think LN is bitcoin 2.0 or a solution..
atleast try to make people aware its a small niche service network for atrisk  small value amounts for short term convenience.. rather then trying to pitch it as the place everyone should use instead of bitcoi longterm

if you dont want to fix your network or realise the problems of your network. atleast fix your sales pitch and stop trying to make bitcoin look bad by your brand steal and silly narratives you lot are pushing too hard

Which Bitcoin network rules exactly, protect you from the attack I described (seed exfiltration) which requires the same attack vector like the one you've been warning about in Lightning (hacked wallets)?

Because this below, is a whole different topic (Turbo channels), right. So are you confirming that the attack vector you previously kept pushing, does exist in Lightning just as well as in Bitcoin L1, and therefore shifted to a new argument?

No, let's not. Nobody in this thread has argued that opening a turbo channel is secure. It's a secure / comfort tradeoff, but nobody forces you to use it. Some lightning developers might as well use it, I don't care.

Sounds great. Individuals can configure their node as they please, but cannot enforce their rules on other people's software.

You don't care but you're the one who's talking about it most frequently. 

ok lets again. say whats already been said
there are many rules that can be put in place

lets take the 0-confirm thor turbo unbacked msat thing to the test

again
nodes can have code as part of the NETWORK gossip of making route maps. to ban channels whos ID's (funding lock proof) do not have confirms
thus they dont become part of peers local maps thus not gossiped to their peers and so on. thus not part of the network to be a possible route

by the way it does hurt me to actually be helping you fools find solutions to problems because yea, i dont care about your network

but not as much hurt as seeing you fools promote LN as a sexy solution to something where you want to call broke to then say LN is a solution. when its LN that is the most broke of any networks associated with bitcoin(but not being bitcoin)

as for light app wallets that cant do checks. those wallets should have an ability not to broadcast to the bitcoin network just to find out(via losing). but do a test message (broadcast to a LN peer outside their channel partner) that can verify the state matches the "balance available" amount of a network map of that said channels msat balance
after al you already have features of invoices done peer-2-peer over sphinx you could also do "credit checks"

you know much like the pre-block relay network of bitcoin checks transactions before putting them into mempool or rejecting if input doesnt match a utxo

It is not. There is no way for any network or technology to protect users from installing hacked software. That software, again, can do all sorts of things, like spy on the user, steal private keys, steal encryption keys, hold the users' data at ransom etc. -- this is just malware. You don't blame Bitcoin either, just because a user runs an outdated OS and installed a trojan which stole their seed phrase. No amount of blockchain explorers and transaction IDs protects you against that.

As far as the network is concerned, if it sees a transaction from that wallet, it's legitimate. Everything outside this scope is oblivious to it. Whether the signing key was stolen or not, whether someone gained access to the machine through a hacked wallet; the network does not know this.

I'm not arguing with that. LN does have some issues that you don't face on L1. But the ones you're describing here are not it.

The issue is that the attack vector you describe here, can affect any other piece of software or data on your machine, too. If you install what's essentially a computer virus, you can't blame all the software that is affected by it. Programs are almost never built to defend themselves against a locally installed virus. Bitcoin Core isn't either. There's nothing stopping a script that I send you, to go to .bitcoin, copy the HD seed (or individual private keys) and send it to my server through a REST API request. And I'm strongly arguing that this wouldn't be Bitcoin Core's fault, but yours or your OS'es.

---

Look; this is all a lot of back-and-forth. It can be reduced to a single question:
Do you believe that Bitcoin L1 wallets are completely secure, no matter what other software runs on your machine? And no funds can be stolen even if users download random wallets from the internet and potentially even input their seed phrases into them / deposit BTC into those wallets?

ok i am going to call it a night because you are still..(how many pages later) trying to play the sweep under the carpet shenanigans to just say "its a user fault for using a hacked wallet"

no its a network fault for not having rules that can pick up on things.. thus allowing wallets a lot more freedoms to be attack vectors

bitcoin does not have the same problems LN does.
so have a hard think about that. without just rushing to press the reply button to be a ignorant brush under the carpet artist

but i am glad you admit there are alot of attack vectors.. dont back peddle it and brush it under the carpet.
instead think of what things can be implemented to reduce the attack vectors at a network security level of other nodes banning such nodes if spotted..

bitcoin has many security features that limit "node manipulation" of payments

if you reply once again with a brush under the carpet  sounding reply. or a response where you treat it as not a issue overall and just a user problem.. your neglecting the fact that you are then admitting you dont care about users on your favoured network
you will just blame them for the mistakes of using LN.. which is a shameful way to promote LN as utopia everyone should use, with promises and kisses they it all is fine and secure and nothing to worry or be at risk... then boom.. tell users its their own fault and not a LN fault when they use LN

..
much the same as when i call idiots using other networks
where they think they are "using bitcoin"

you would be calling your prefered network(ln) users dumb even when they are using the network you prefer(ln)

atleast i try to make people risk aware of both networks. atleast when people do use the bitcoin network their value is more secure. so a few less dumb people on the bitcoin network

cant say the same for those on the LN network thinking they are stilll "using bitcoin" whilst looking at a GUI of msats

I'm starting to wonder why you obsess over this attack scenario. When you started with this factor of 1000 stuff, I thought you were confused about unit conversions. Then it became clear you are talking about a potential attack where someone distributes hacked clients where the msat/sat multiplier was messed with.
But if that's your attack vector, you can do so much more stuff with it. Like send yourself the seed of the underlying L1 wallet, maybe even plant a trojan or gather personal data lying on the machine.

You are talking about users installing a hacked client that could e.g. exfiltrate their seed phrase. The blockchain doesn't protect against that, right?

---

He's actually not; he's arguing that if you installed a client software that does the msat <> sat conversion wrong (e.g. by a factor of 1000), and opened a channel with the same person who gave you this wallet software, the amount of sats shown in GUI would be different (higher) than what will later be settled on-chain when closing the channel.
Which I find really far-fetched as attackers could just steal the seed or do other attacks if they can get you to trust your keys to their software.

one more time

at the point of someone receiving msats and see it on their GUI.
they are not looking at any state/commitment.
and trying to find a state/commitment is hard to do on a phone app

(main utility wallet for people buying small price items like coffee/beer/sandwich(because no one takes a laptop with them into town))

upon someone seeing they received msat,
they if they were a business( cafe or a store) would hand over the goods. and "believe" they received the correct denomination that represents the amount of sats they think they are promised..

or if just a user like a street busker or someone getting paid to do landscaping on soneones yard. would think they got paid. and leave..


but wont find out if they have been paid in full. of actual real sats.. until the end of the month when they finally settle up. (as settling hourly/daily is not the premiss LN nerds are pushing)
oh and you cant find out by running some LN explorer or bitcoin explorer to check your LN channel msat balance is backed by sats. because its all loaded into a phone app which your channel service provider gave you
..
however in bitcoin receiving a real bitcoin transaction. is settled, confirmed and you can check it anywhere .. and then hand the goods over. meaning no worry, trust, faith..
also with bitcoin after getting payment, you dont have to stay online 24/7 wondering if some middle man will steal your funds
.
bitcoin does not need watch towers, doesnt need someone else to be online just to accept a relayed payment. (doesnt need a hop agreement stage of multiple participants pressing accept or needing to share/borrow someone elses balance just to push a payment around a network)
..
bitcoin has many security protections to not even relay transactions that dont have a confirmed utxo previous to it to back the current tx spend

plus a multitude of other security checks.. which is why in 2009 alot of cypherpunks that were playing with smart contracts before blockchains had issues. and then when bitcoin was announced they seen the wisdom of blockchains solved a smart contract problem

smart contracts dont solve a bitcoin problem. its the other way round

My point is that with a compromised host, you can do all sorts of shenanigans, be it Lightning, Bitcoin L1 or anything else.

I haven't heard about Thor Turbo until now to be honest. Do you have a GitHub link to this wallet or something?

I know about regular 'Turbo channels' (simply 0 conf), but as long as your client is secure and legit & you wait for a confirmation before using it, there's literally nothing to worry about.

Yes, I'd reeeeally like to hear him admit: 'This specific Lightning Network attack (modified msat / sat multiplier) I am very worried about, and I keep bringing up, actually only works if you download a malicious client; similar to how malicious Bitcoin L1 clients wipe users' funds who entered a seed phrase into them (or do so later). Besides, these attacks through hacked L1 clients did happen, meanwhile a hacked L2 client with a modified multiplier didn't appear in the wild yet.'

It's kind of logical, because you would need to not only get people to install that client but also get them to open channels with you. Meanwhile distributing a malicious L1 client (e.g. that exfiltrates your seed or whatever), doesn't require additional actions and make it easier to take the money and run than attaching your Lightning node's identity to such crime.

'the scenario' being having been fooled into installing a hacked or malicious client and having opened a channel with the attacker?
Because I've been repeatedly trying to explain that malicious L1 wallets can exfiltrate the seed or otherwise steal user funds, too.
If your software setup isn't safe, you're kind of fucked either way.

If your Lightning installation is secure and running 24/7, Lightning payments are completely faith, hope, trust, promise-less, too.
The only downside is really this 24/7 requirement. The benefit is cheaper fees and faster payments. We acknowledge and never hide this fact, but it's just wrong saying that Lightning in general requires faith / hope etc.

However, if you install hacked or e.g. closed-source clients, you need to 'hope' in Bitcoin L1, as well. Sure, you may verify with a block explorer that a transaction was settled, but if the bad actor exfiltrated your seed, they have access to those funds, too and can steal them from you at any time. Different attack type, but through the same attack vector.

He is actually currently making argument after argument about the horror of rounding down to the nearest $0.000169 on channel close.  Bitcoin can do a 1000x and we will still just be rounding down to less than nearest quarter the USD value.  Lol.

I am back to ignoring him.

ooooh angelo..why oh why to you sound so ignorant and foolish for..
seems i talk more about the features and code and abilities and flaws of LN more then you do. and im not even a fan of the system,, all you seem to do is avoid aspects and features and flaws.


what is being signed (the state/commitment) is not signing a 1:1000 rate of msat to sat amount.. in the scenario i have told you about a gazillion times

go back and read the context of the scenario.. where n0nce atleast realised and agreed there is a difference between rounding and dividing
and that in LN they are 2 functions and both are performed

heck i even colour coded the differences..

seems you are ignoring parts to play dumb.

stop with the games and just have a proper think about things. do not hit reply until you can understand the whole thing. and dont reply if you just want to downplay it as a non flaw

i already understand and seen you try to ignore/downplay things a gazillion times .. so until you are ready to stop downplaying and actually have a proper risk aware discussion about a flaw there is no need for you to repeat your ignorance

i find it funny how after a few years now you have been promoting LN but not realised that what you broadcast is not also what you can revoke. because the revoke you get is against the other partys commitment not your.

i laugh that you dont realise when you get such revokes where you thought you had a revoke for the current stat at play

i laugh that you think that the only thing that msats do is "!round" and you did not know that there was a 1:1000 rate conversion involved.

please dont waste time on your LN promoting utopia games nor waste time on your bitcoin is unfit for normal use so offramp to LN as solution games.. and if you really care about your silly subnetwork. atleast try learning how it works

because trying to tell you lot about flaws wends up being teaching you lot how it even works because it seems you dont know. or just playing dumb to avoid talking about the flaws


meanwhile when someone pays me on the bitcoin network. its done settled complete.. i dont need faith, hope, trust, promises, or watchdogs or other party agreements.
ill stick with the bitcoin network

---

replying to below, and then just leaving you guys in your ignorance to play with your silly subnetwork of ignorance

i guess you enjoy ripping users off and not caring, by just saying its their own fault for not watching and checking things they cant see 24/7 . never blaming the flaw on lack of network security


changing / 1000
          to / 1,000,00
is not a rounding error

but your ignorance has been observed

---

nope. bitcoin has a load of rules to prevent alot of shinanigans. . thats the beauty of bitcoin..

once a payment is confirmed. its done. no middle men no manipulations. no i wonder if i will still have my money tomorrow. no what if he did mess with my payment i received..
in bitcoin you get a payment and its a done deal. if you want to check you can check on different explorers.. with LN all you can do is trust the wallet your stuck with

if i was to say bitcoin security was a 9.5 of 10 due to some weaknesses of wallet stuff(10 being perfect)

here is how i would rank the other networks structures security

distributed/decentralised sidechains: 7
federated/centralised sidechains: 4
LN bridged to a mainnet: 2.5
custodian: 2

What's signed behind is signed in sats, not msats. It is rounded down. It has already been told to you like a gazillion times.

Lol, that's the point. The latest state is the correct state, which has emerged after a number of off-chain transactions. Every other transaction should be penalized, if published.

Hey, how about we do what I said? If you cheat me successfully, you can keep the money.

but what your signing with them.. is a signature of a commitment which is not for the full amount you think it is going to be..  .. ... because whats seen in msat balance at GUI is not whats signed into the state!! do you not understand that part..!
also a revoke is only given to you. when the states change again where they are to not use that old state
yep revokes are for old states not current ones.
so if they broadcast their latest state.. you wont have a revoke for it!
get that yet

...
its like you are both deliberately missing out parts to play things down. rather then you both thinking to actually see things with a risk aware mindset
all your goal for the last couple days is to down play it as user error, and not a flaw which the network should consider finding a solution to prevent.

bitcoin has rules to prevent this crap and yet you lot seem ignorant

no wonder why LN is broke and has flaws and for 5 years has remained like that. which is why LN is not fit for offramping bitcoiners to


due to your attitudes of how little you care about security of your network. ill continue to see LN as a silly subnetwork for small use low value amounts that people should be risk aware, and that they can be prepared to lose. .. where LN should not be seen as a solution to long term use to offramp users away from a secure network

He's responding to every bullshit you've been whining about. Ironically, you're going off-topic more often that he does. He's straight to the point, and you're constantly avoiding it.

Pleonasm. You can't receive outbound sats. That's why they're called inbound.

Great. But once they provide the corresponded signature, and we revoke the previous state, they're mine.

Here we go again with "their app". Fuck their app, and use a reputable, open-source, peer-reviewed, non-custodial lightning wallet. Gosh.

Except if you run your own lightning node.

---

---

Look. You're terrible at words. How about we open a channel together and you do your magic to rip me off? Your best course is to make me go offline for 2016 blocks.

you are really really ignoring how things work, playing dumb, or just avoiding things by acting ignorant

how about you go back to your subnetwork and just go back to sleep.

meanwhile for other people that want to be risk aware and not run down some rabbit hole of trying to lay dumb..

there is no network level consensus system in LN that prevents a person from this manipulation. however in bitcoin there is many rules to prevent this type of crap you are trying to say is a user to blame fault..

how many times do i have to repeat it. please try to OBSERVE

heck i even gave you a bug fix that would sort out/reduce exposure to/prevent the ability of how for instance,  thor turbo abused things


yet no one was spotting thor turbos wallet that had channels of msat balance but no funding lock to back those msats..
... i spotted it the day they announced the features and you lot were telling me to shut up, many of the pals you adore and support were trying to call it a feature not a flaw

You don't, if you run a hacked client that shows fake amounts and no transaction IDs.

How do you check against the blockchain if you run a faked, light wallet?

Because if we assume people have access to a legitimate, synced full node, then it's impossible to fake balances in Lightning, just as well.

I'm not very familiar with 'Thor Turbo', but if I understand it right, users were running a non-verified wallet right? Or they verified it and didn't identify a flaw (because being told it's a feature)? So how is my argument 'we need to review wallets' crap? Properly verified wallets with no weird changes, settings or messed up multipliers won't be susceptible to the attack presented here.

If anyone gives me a wallet whose source code has a multiplier for msat conversion other than 1000, there's no way in hell they convince me this is actually a feature, lol. Like looking at a ransomware binary, its source code and being like 'yup, I want to run this!'.

Maybe other alterations to LND / CLN could be 'sold' as a feature & later reveal as a bug / attack vector; but this story you keep spinning about altering the msat / sat factor, is not realistic. This is way too easy to spot.

when i receive payment in bitcoin i know i received it and its confirmed.. settled done..
its not a game of promises of trust that a state/commitment/funding lock hidden beneath the GUI you cant see will settle up correct..
its not a game of sleepless nights making sure a middle man isnt trying to spend value i thought i might get to keep but may not get unless i close off and remove myself from the channel/their control/risk ..

in bitcoin when someone pays me its done in full where there IS a UTXO that backed it. and the amount i get is clear and settled and final.

in LN you cant make the same promises

in LN people can see a msat balance and "think" that it is good. and release product for delivery to the msat sender .. but find out way later when settling up the seller got screwed by the channel partner

bitcoin actually has many consensus rules about the pre-confirm relaty network that check for faults in the payments.
bitcoin has lots of rules that protect about faked balance of holders
bitcoin has many rules to ensure that middle men cant manipulate value

LN cant say the same

i have to remind you there are multiple other flaws of LN but it seems you lot cant even get out of your utopian cloud of dreams to be risk aware of just one issue.

---

as for you saying its just a single hacked wallet issue of a single victim scenario...

you again forgot that a major service (thor turbo) showed up a major flaw via having a large amount of users thinking "its a feature" where no one was critical to think. "actually this can abuse people"

so your so called "all we need is to review wallets" security check is crap

bitcoin has actual rules it mitigate many "hacked wallet" threats of faking balance. or faking receipt
yep if it aint on the blockchain... it didnt happen.. pure and simple.

Okay, so since the attack you describe actually only works by getting users to download a malicious wallet, I could also just distribute a hacked L1 wallet that e.g. doesn't show transaction IDs, giving users no way to verify if they actually received funds. Or that allows me to steal part of their funds, while still displaying the old balance in the GUI.

It's not a Lightning issue; it's a hacked wallet issue. We should focus on getting users to use verified, open-source wallets (of any kind: software, hardware, L1, L2) with reproducible builds, which is exactly what I've been doing for the last months.