Topic: The end of Lightning Network? - page 2. (Read 571 times)

There is a main difference in attacking bitcoin compared to attacks in any layer . Best thing you can do is make a double spend of your own money . So that double spend has to be more profitable than the cost ( hardware cost + energy spend ) of the attack  . And even if you decide to make an unprofitable bet trying to destroy the network , honest nodes can reorg the chain and leave you with a move that produced zero profit and a massive loss . Attacking base layer will always have a much higher economic cost than attacking other layers . That's the brilliance of the invention . 

That does not sound "simple" at all.

Antoine Riard is a senior Lightning dev, not just some junior dev.

Higher time_lock_delta leads to longer time for locked funds. That's a tradeoff.

Rebroadcasting with higher fees: Also known as "defensive fee mitigation". I suppose that's doable to keeping spamming the mempool dozens of times until the attacker gives up. Would be a simple client update, but it introduces additional spam and client complexity.

I'm going to wait until the experienced Lightning devs test this attack and report back the costs of attacking and defending. This is beyond my level of understanding.

It sounds like they're going to look for a sustainable fix, but it'll take several months of testing and implementation. In the meantime, I would refrain from keeping high value on Lightning, like everyone should've been doing from the start.

This seems very serious, at least for those with high-value channels.

I'd like to see some cost-analysis for this kind of attack. What's the cost of running the attack, and at what point does the attack become profitable under different scenarios:

1. victim does not detect the attack
1. victim is not using automation and defends against it manually and slowly

There are clearly some fundamental limitations with lightning, due to its design. As I have told multiple times already, the basic problem is that it is very unattractive for the average, non-techie Joe, because it requires him to study a little bit of how it works, but more importantly because of running a machine all day long. This is orders of magnitude more of a burden than the SPV solution.

I wouldn't worry for the retiring developer. Lightning does have a brighter future than currently, but again limited. We will sooner or later opt out for other sidechains (or drivechains).

Lightning's fucked, but not dead. I don't see why it would be. There's just too much support for the network, and they're filled with capable devs that could take from where Riard will leave. Plus at the end of the day he's not the glue that puts everything together, long as there's people who are willing to improve upon Lightning Network cause just as what MK4 has said it's far from perfect, it will remain functional and pretty much alive. In the event that it does die, I don't think it connotes to anything other than previous efforts about Layer 2 solutions being moot.

Too much sensationalization and fearmongering for a topic that's not really that scary when you look at it with a magnifying glass.

Just flipping the power switch and making everyone else force close would probably cause a lot more disruption since your nodes are offline. And a ton of speculation as to what happened.

Closing down the channels would show that you attacked it.

In the end it does not matter, it would take a while for the LN to recover.

Flipping the switch would also cost you since you get the force close penalty from the nodes that are not yours.

Shrug, as I said. Not something to worry about. Could also do the same thing with mining in general.

-Dave

This is what I thought.
I've not used it before but I've read a lot about it and it seems interesting. Technologies don't just become perfect from inception, it goes through phases. If you're waiting for a thing to be perfect before inventing it then we might actually not have any inventions at all.
This is a software that can get better with time and would always be updated. And we know how innovative technology can get so that means it would always be updated and worked on even after it's starts working perfectly.
Saying it's dead is reaching.

Why? You can just turn off your nodes. You don't have to close those channels. Let your users do that, so they will start betting, by closing their channels in panic, and setting higher and higher on-chain fees, and reaching levels, where a proper fee to get it included in the next block, will reach the holy "1000 satoshis per virtual byte" limit, or will exceed the amount locked in the channel.

And then, your side would be clear. Being offline is less serious crime than closing the channels by yourself, even if the final outcome is exactly the same. It is sad, that LN can be attacked just by being offline, but it is true, and many attacks can be done in this way.

I put this in the same pile as the Wormhole attack discussed here: https://bitcointalksearch.org/topic/info-discussion-wormhole-attack-in-lightning-network-5466886
Yes it can be done, but the cost and effort are so high as to not be worth it.

There are a lot of ways to attack BTC and the Lightning Network. Most of them are so esoteric / expensive / just about impossible to implement as to not be worth it.

Want to destroy LN or at least set it back years and years? Heck I can do that for you for less then BTC20000 / $600 million USD
As of now LN has about 5500BTC in it.
Just start spinning up nodes and connecting to other nodes and charge 0 fees. Just keep adding and adding and adding.
People will connect to you, you connect to others and soon just about every lowest cost route is running thought you.
There are people who have 10+ connections to other nodes but they are all yours.

But you now have 45000 nodes which is 3x as many as there are now and those 20000 BTC are all in LN so you own control 75% of the LN. Probably take about a year and everyone would be amazed at it's growth. Then you come in one morning and close all the channels to nodes that are not yours at once. Insane high fees so they are all in the next hundred blocks. Then when you have time you close the channels between your nodes, sit back and watch the chaos.

But, nobody has done it.

So worrying about some other attack that requires some extreme programming and other things is not a real worry.

-Dave

Why? Rejecting transactions is not a problem in any soft-fork. Accepting more transactions than usual is a problem.

Imagine an extreme soft-fork, that would reject all transactions, and would allow only coinbase transactions. Peter Todd described it there, it is perfectly valid soft-fork: https://petertodd.org/2016/forced-soft-forks

Which means, adding any kind of "expiration" to the transaction is not a problem at all. You have a node, you receive a transaction, you see "Oh, it's five o'clock! That's all for today!", and then you simply reject that transaction. And then, if most nodes do the same thing, then you cannot send transactions after 5 PM, because it is a soft-fork rule, and if some miner will include it anyway, then the soft-forked network will reject that block. And if soft-fork has 51%, then it becomes a consensus rule.

But yes, the hardest way to reject a transaction, is to include a double-spend. Then, all other transactions, spending the same coins, will be always rejected in the future, because of already existing network rules.

Yes, of course. If you sign a TapScript branch with any OP_SUCCESS, it can be always used to attack. The same will happen, if some soft-fork will not reach 51%. And yes, signing a blind TapScript branch is stupid, because it could be just "OP_TRUE" or even simply " OP_CHECKSIG". In general, it is the first time, when OP_SUCCESS was introduced, and it can be painful to prove, that "there is no OP_SUCCESS".

Quote

but atleast now the flaws are starting to get noticed

Yes, it seems some things are getting more and more soft. And that process will continue. It started with soft-forks, instead of hard-forks, and soon we will reach another stage: no-forks, instead of soft-forks. People will start building more and more stuff, without going through soft-fork signalling, and all of that. The most recent case was Ordinals, that could be somewhat-safe if deployed as a soft-fork, but was deployed as a completely unsafe no-fork instead.

Quote

best suggestion .. start afresh and use a different payment system model.. make a subnetwork that actually meets its 6yo promises

Well, you can always start with unidirectional payment channels, and just disable routing. Then, if Alice has 1 BTC, and Bob has nothing, Alice can give more and more coins into Bob, but she cannot take any coins from him. And then, everything is simple: if you sent some signed transaction, then you passed some coins. It is irreversible. Bob will always get the last transaction, because it gives him the most coins. That model meets all assumptions, but has one drawback: it requires more on-chain transactions than LN, so it will not be deployed. But the funny thing is that some Bitcoin ATM operators supported that proposal more than LN.

Quote

i might actually respect core devs again if they made a subnetwork that is truly functional without having to mess with bitcoins rules just to fit

You can deploy payment channels, that I described above, even without Segwit. The only thing you need is to eliminate malleability. And you don't even need multisig, because Paillier Homomorphic Encryption can do the trick even on P2PK: https://duo.com/labs/tech-notes/2p-ecdsa-explained

I hope I will see drops of #open channels and sum of channels value. 
https://txstats.com/d/000000012/lightning-network?orgId=1&from=1517011200000&to=1698019199000

Actually it's very technical, that's why no one even attempted to do this exploit.

In any case, here is the paper, author by Antoine Riad himself - https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf

LN has alot more flaws then this.
but when it comes to them on another network making demands to need a bitcoin network fork, just to make their network work. it shows their network has bigger problems they cant even resolve themselves on their own network
the issue at hand of this particular flaw it to force bitcoin miners to reject a new softfork transaction format if it uses a expiry that has passed. BUT thus needing a hard fork upgrade on the bitcoin network to ensure its enforced, bitcoin has become easy to let in soft nonsense, unchecked data.. but to strengthen the rules to reject transactions of a certain format requires a hard fork

some of them wanted work arounds like having centralised services to manage funds or watch for abuses. but these do not help the decentralisation promise..
the great thing about code is you can write your own rules on their own network, but if their code has a problem. putting a plaster on it or asking another network to provide them a feature, just shows their are problems at their root

they have became too lax about their scripts. where they have not thought about security, but instead malleability. having a mindset that everything should be soft and not hard has meant many people can find exploits. and even if they try to fork bitcoin to add in a output deadline. it wont fix the issues, there are many other scripting exploits people can use to perform the same attack, the latest one relates to how participants of p2tr do not know all the scripting conditions of all methods to spend. they just blindly sign a part not realising that part can be used against them

i am not going to explain all the flaws(giving scammers ammo) nor logical fixes due to simply not liking their network so they dont deserve help. but atleast now the flaws are starting to get noticed.. best suggestion .. start afresh and use a different payment system model.. make a subnetwork that actually meets its 6yo promises

there are millions of people that tried LN and experienced its flaws and instead moved over to other subnetworks. this is not just one guy leaving. but just a notable guy of millions leaving

i might actually respect core devs again if they made a subnetwork that is truly functional without having to mess with bitcoins rules just to fit. because messing with bitcoins rules has made bitcoin soft. and thats something we should not allow, just to populate someone elses network

Bitcoin is open source and it can be developed by many developers.

Did Bitcoin network stopped or Bitcoin Core wallet software stopped its development after Satoshi Nakamoto disappeared years ago?

In reality, Bitcoin has been continuing its growth and Bitcoin Core has been developed with many more versions after Satoshi Nakamoto disappearance.

Antoine Riad is only one of developers and thanks to his contributions so far, good luck to him in future with his new journey but Bitcoin Lightning Network will not die because of this decision to resign.

In most cases, you will not get a technical answer here. Ask again in the technical department or https://bitcoin.stackexchange.com/, but if a project fails due to the departure of one developer, then the project is a failure. In addition, the Lightning Network is one of the second network solutions to solve the scalability problem, and there are many side networks.


I was looking for his reply, it seems he hasn't read the thread yet.

the developer @mononautical has published the following 4 slides on twitter (x) to go into more detail about the whole thing. the whole mechanism around the newly discovered vulnerability is a bit more difficult to understand. under the link below he gives us (in several tweets) a detailed insight into the whole story



https://twitter.com/mononautical/status/1715736832950825224

Since I'm not familiar with LN at a technical level I can't comment on the technical matter, however I would like to remind everyone that this is not the first time someone acts like this.
There have been a couple of them in the short time Bitcoin has existed like Mike Hearn, one of the main Bitcoin developers who basically called bitcoin dead as he left the project back in 2016 while referring to Bitcoin as "a failed experiment". We are 7 years later and Bitcoin is going even stronger.

From Jan 14, 2016

Somebody, who is an expert in LN should explain to us the problem in a simple and easy to understand way.
What are "replacement cycling attacks"? Most of the people here aren't experts.
1.AFAIK, the Lighting Network is a centralized offchain solution and it will always remain centralized.
2.The Lightning Network isn't user-friendly at all. There's plenty of room for improvement in making LN more user-friendly.
3.This guy is simply a developer. He is not "the CEO of Lighting Network". He mentioned in his post that there are senior LN developers.
There's no need to make clickbait forum titles about "the end of LN".

What exactly is the issue with LN the dev is talking about?

franky1 will happy to see lightning network is dead

As been mentioned by above users if lightning network is new and Riad isn't the only one developer in this project, similar like Satoshi disappeared and many developers are still develop Bitcoin.

So if you want to use lightning network due to it's cheap fee, you should only use or hold small amount of money, hold the most in on chain.