📅 Original date posted:2015-10-20
📝 Original message:
Mats Jerratsch <matsjj at gmail.com> writes:
> Think about an attacker who is able to MITM your internet connection,
> like the hotspot you connect to at a Cafe (or your ISP if hijacked).
> They can build locally a gigantic network, all pointing to the same
> node. You can't tell, and they don't have to necessarily just block
> your payments. (see above)
>
> I am mainly concerned over those. Especially since there is not really
> anything we can do about dishonest nodes joining our network, but it's
> encouraging to see your math. Since everything security-wise so far
> stands only with knowing pubkeys of nodes actually connected to the
> network, this should be the first thing to tackle. (that is, making it
> expensive to attack it this way)
Well, bitcoin protects from this using checkpoints, which are
centralized. Because AFAICT there's no really good way of doing it.
If we use beacons, this does become a bit easier: beacons indicate the
size of the network (statistically), so you can embed that estimate in
how large you expect the network to be.
> Only nuisance is that it requires either SPV or full node to check the
> anchor, but I kinda like the idea of having all (or a good amount) of
> lightning nodes be full bitcoin nodes as well.
We're going to need to support both, but for the moment I expect they'll
be full nodes.
Cheers,
Rusty.
Rusty Russell [ARCHIVE] /
npub1zw…hkhpx
2023-06-09 12:44:50
in reply to nevent1q…d58p
Author Public Key
npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpxPublished at
2023-06-09 12:44:50Event JSON
{
"id": "8ca1b12d2dbd2972f553a960a4c28a3011e34d34f5a1e6ac24949e495b87805a",
"pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425",
"created_at": 1686314690,
"kind": 1,
"tags": [
[
"e",
"a852f7164f575698e067e8fc679f5003dd9087247fc7ef7f6067ab966288eef1",
"",
"root"
],
[
"e",
"fed1c68b3c225e931ebedb5e936ea8aa9d48a8725193c7c796dffa620188e612",
"",
"reply"
],
[
"p",
"b8a27d18150405cdfcd44c0dd8db860f5270312300248389bf57ce555c784528"
]
],
"content": "📅 Original date posted:2015-10-20\n📝 Original message:\nMats Jerratsch \u003cmatsjj at gmail.com\u003e writes:\n\u003e Think about an attacker who is able to MITM your internet connection,\n\u003e like the hotspot you connect to at a Cafe (or your ISP if hijacked).\n\u003e They can build locally a gigantic network, all pointing to the same\n\u003e node. You can't tell, and they don't have to necessarily just block\n\u003e your payments. (see above)\n\u003e\n\u003e I am mainly concerned over those. Especially since there is not really\n\u003e anything we can do about dishonest nodes joining our network, but it's\n\u003e encouraging to see your math. Since everything security-wise so far\n\u003e stands only with knowing pubkeys of nodes actually connected to the\n\u003e network, this should be the first thing to tackle. (that is, making it\n\u003e expensive to attack it this way)\n\nWell, bitcoin protects from this using checkpoints, which are\ncentralized. Because AFAICT there's no really good way of doing it.\n\nIf we use beacons, this does become a bit easier: beacons indicate the\nsize of the network (statistically), so you can embed that estimate in\nhow large you expect the network to be.\n\n\u003e Only nuisance is that it requires either SPV or full node to check the\n\u003e anchor, but I kinda like the idea of having all (or a good amount) of\n\u003e lightning nodes be full bitcoin nodes as well.\n\nWe're going to need to support both, but for the moment I expect they'll\nbe full nodes.\n\nCheers,\nRusty.",
"sig": "1463e53f3cdda2856a7476f6290b1a1353549d60132e5a24853f9d3846fd8d6d6ca2954362aee8834e55e80df07378858d017c82bd53073d6df8fe2defd2bd43"
}