Key facts:
-
Today, carrying out disruptive attacks can be very convenient for authors.
-
The use of tokens acting as credentials is one of the solutions proposed by Riard.
Antoine Riard, a Bitcoin developer, proposed on the Lightning network developer mailing list a protocol that relies on the use of tokens to mitigate disruptive attacks. Such attacks are able to prevent the use of certain channels of the Bitcoin micropayment network.
The disruptive attacks Channel jamming attacks are denial-of-service (DoS) attacks in which the perpetrator can disable channels in a network for routing transactions..
There are two types of jamming attacks: liquidity and HTLC. In both cases, the attacker sends payments through the channels to be disturbed. This action can be performed without paying any fees and even for free if the payment is cancelled.
How to counter jamming attacks on LN channels?
Riard’s proposal is for each router node to accept only payments that include a token issued by itself in an HTLC-type smart contract. Such a token would serve as a credential for payment continuation.úe its passage to the final recipient.
The credential representing the token contains a blind digital signature to prevent the router node from identifying the node issuing the payment and thus maintain privacy at the highest possible level.
Riard adds in his proposal that “‘credentials’ can be used by a reputation algorithm to reward/punish payment issuers and efficiently allocate channel liquidity resources.”
Regarding the issuance and distribution of credentials, Riard believes that this can be done according to the policies set by each router node. However, the developer made a number of suggestions in this regard.
One possible method of issuing and distributing credentials is for the issuer to purchase them directly from the router node via LN. The router node could also return the credential it used to the senderonce the payment has reached the receiving node. In fact, Riard believes that extra tokens could be given to the sender node to encourage future use of the same router node.
Another alternative for issuing and distributing credentials would be for router nodes to assign a portion of these tokens to all issuers who verify that they have a UTXO or the credit balance in BTC. Riard adds that, in addition, the number of tokens could be conditioned on the age of the user, the number of UTXOs, or any other parameter.
Questions to Riard’s proposals and other possible solutions.
Developer Clara Shikhelman raised a couple of questions about Riard’s proposals on the mailing list. First, whether credential tokens were transferable between users and whether this could lead to the creation of a market for such tokens. Riard acknowledged that such a market might exist, but he did not think it very likely; since the process of buying and selling credentials would be based on trust between the parties..
Shikhelman also asked Riard about the interaction between the tokens in question and “blind paths,” as there is a known payment routing method that hides part of the path followed by a transaction between the sender and the receiver. In this regard, the developer responded that “the receiving node can provide all the necessary credentials in encrypted form without introducing a secondary vulnerability.”
Clara Shikhelman has extensive knowledge of the topic of payment channel disruption attacks, as she and developer Sergei Tikhomirov have previously presented some proposals to mitigate such attacks on the LN developers’ mailing list.
CryptoNews reported that researchers at the University of Jerusalem. had identified the vulnerability to such attacks by networks such as Lightning and Raiden, which are second-tier solutions for Bitcoin and Ethereum, respectively. According to them, the solution lies in changing the way HTLCs work.Which is the point of origin of the vulnerability.