📅 Original date posted:2021-04-24
📝 Original message:
The update_fee message does not, as far as I recall, change the dust limit for outputs in a channel (though I’ve suggested making such a change).
> On Apr 23, 2021, at 12:24, Bastien TEINTURIER <bastien at acinq.fr> wrote:
>
>
> Hi Eugene,
>
> The reason dust HTLCs count for the 483 HTLC limit is because of `update_fee`.
> If you don't count them and exceed the 483 HTLC limit, you can't lower the fee anymore
> because some HTLCs that were previously dust won't be dust anymore and you may end
> up with more than 483 HTLC outputs in your commitment, which opens the door to other
> kinds of attacks.
>
> This is the first issue that comes to mind, but there may be other drawbacks if we dig into
> this enough with an attacker's mindset.
>
> Bastien
>
>> Le ven. 23 avr. 2021 à 17:58, Eugene Siegel <elzeigel at gmail.com> a écrit :
>> I propose a simple mitigation to increase the capital requirement of channel-jamming attacks. This would prevent an unsophisticated attacker with low capital from jamming a target channel. It seems to me that this is a *free* mitigation without any downsides (besides code-writing), so I'd like to hear other opinions.
>>
>> In a commitment transaction, we trim dust HTLC outputs. I believe that the reason for the 483 HTLC limit each side has in the spec is to prevent commitment tx's from growing unreasonably large, and to ensure they are still valid tx's that can be included in a block. If we don't include dust HTLCs in this calculation, since they are not on the commitment tx, we still allow 483 (x2) non-dust HTLCs to be included on the commitment tx. There could be a configurable limit on the number of outstanding dust HTLCs, but the point is that it doesn't affect the non-dust throughput of the channel. This raises the capital requirement of channel-jamming so that each HTLC must be non-dust, rather than spamming 1 sat payments.
>>
>> Interested in others' thoughts.
>>
>> Eugene (Crypt-iQ)
>> _______________________________________________
>> Lightning-dev mailing list
>> Lightning-dev at lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
> _______________________________________________
> Lightning-dev mailing list
> Lightning-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20210424/b09dc276/attachment.html>;
Matt Corallo [ARCHIVE] /
npub1e4…jxmcu
2023-06-09 13:02:23
in reply to nevent1q…z289
Author Public Key
npub1e46n428mcyfwznl7nlsf6d3s7rhlwm9x3cmkuqzt3emmdpadmkaqqjxmcuPublished at
2023-06-09 13:02:23Event JSON
{
"id": "793b1612ab4b288e2e2c6631e21c64e4ea36660cb245047416485b18553d5fe4",
"pubkey": "cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba",
"created_at": 1686315743,
"kind": 1,
"tags": [
[
"e",
"b3e1babcd18c032cd663f50739c5addeb9efde0924211109d945ef414e2f663d",
"",
"root"
],
[
"e",
"0777caf1ccb6326efdfd883a73abc4340f7e907b24fd74b610678807ea051235",
"",
"reply"
],
[
"p",
"897fddf7e8d6dceae0590dbd4ecf88e3702c23e1384b9916dd4eecc41896af39"
]
],
"content": "📅 Original date posted:2021-04-24\n📝 Original message:\nThe update_fee message does not, as far as I recall, change the dust limit for outputs in a channel (though I’ve suggested making such a change).\n\n\u003e On Apr 23, 2021, at 12:24, Bastien TEINTURIER \u003cbastien at acinq.fr\u003e wrote:\n\u003e \n\u003e \n\u003e Hi Eugene,\n\u003e \n\u003e The reason dust HTLCs count for the 483 HTLC limit is because of `update_fee`.\n\u003e If you don't count them and exceed the 483 HTLC limit, you can't lower the fee anymore\n\u003e because some HTLCs that were previously dust won't be dust anymore and you may end\n\u003e up with more than 483 HTLC outputs in your commitment, which opens the door to other\n\u003e kinds of attacks.\n\u003e \n\u003e This is the first issue that comes to mind, but there may be other drawbacks if we dig into\n\u003e this enough with an attacker's mindset.\n\u003e \n\u003e Bastien\n\u003e \n\u003e\u003e Le ven. 23 avr. 2021 à 17:58, Eugene Siegel \u003celzeigel at gmail.com\u003e a écrit :\n\u003e\u003e I propose a simple mitigation to increase the capital requirement of channel-jamming attacks. This would prevent an unsophisticated attacker with low capital from jamming a target channel. It seems to me that this is a *free* mitigation without any downsides (besides code-writing), so I'd like to hear other opinions.\n\u003e\u003e \n\u003e\u003e In a commitment transaction, we trim dust HTLC outputs. I believe that the reason for the 483 HTLC limit each side has in the spec is to prevent commitment tx's from growing unreasonably large, and to ensure they are still valid tx's that can be included in a block. If we don't include dust HTLCs in this calculation, since they are not on the commitment tx, we still allow 483 (x2) non-dust HTLCs to be included on the commitment tx. There could be a configurable limit on the number of outstanding dust HTLCs, but the point is that it doesn't affect the non-dust throughput of the channel. This raises the capital requirement of channel-jamming so that each HTLC must be non-dust, rather than spamming 1 sat payments.\n\u003e\u003e \n\u003e\u003e Interested in others' thoughts.\n\u003e\u003e \n\u003e\u003e Eugene (Crypt-iQ)\n\u003e\u003e _______________________________________________\n\u003e\u003e Lightning-dev mailing list\n\u003e\u003e Lightning-dev at lists.linuxfoundation.org\n\u003e\u003e https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev\n\u003e _______________________________________________\n\u003e Lightning-dev mailing list\n\u003e Lightning-dev at lists.linuxfoundation.org\n\u003e https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20210424/b09dc276/attachment.html\u003e",
"sig": "e28051cfa7453ff8d63e7ac7ee1caf9fdf8a26d158c24412e8be7a862c489a85e0aa4b1eda798d6bea5b43a7db9982fd12a14fe77683563557a378c875eae253"
}