π
Original date posted:2022-06-13
π Original message:
Rene,
Thanks for your reply.
> Also wallets tend to have poor utxo management. So looking at the on-chain signal one can probably guess for a p2wsh to which two nodes it might belong and try them first.
β
That was going to be one of my next steps. I thought about parsing through the data from https://github.com/lnresearch/topology in order to get a link between every unpsent p2wsh transaction up to 6 hops forward from the opening transaction between two nodes. Then keep a list of every node and their possible p2wsh transactions and probe with those. Should cut down a lot but I have not run through this dataset problem yet. Curious if you think that would be the best process moving forward with this.
Otherwise, going through LSP's with the assumption set, like I did with ACINQ would probably yield further results.
Regards,
Tony
------- Original Message -------
On Wednesday, June 8th, 2022 at 12:42 AM, RenΓ© Pickhardt <r.pickhardt at googlemail.com> wrote:
> Dear Tony,
>
> Thank you for putting emphasis on this. I was actually waiting for someone to publicly exploit this.
>
>> The reason this is possible is because [...] currently channel IDs are based on UTXO's. Scid aliases may be the biggest benefit here, but the use of `unknown_next_peer` , `invalid_onion_hmac`, `incorrect_cltv_expiry`, and `amount_below_minimum` have been the biggest helpers in exploiting channel privacy.
>
> Just for reference the exploit with short_channel_ids is known since 2019:
>
> https://github.com/lightning/bolts/issues/675
>
> Though it is nice you point out explicitly the use of error codes of onions.
>
>> By creating a probe guessing the Channel ID based on unspent p2wsh transactions, it's a `m * n` problem to probe the entire network, where `m` is utxos and `n` is nodes.
>
> It is the main reason why I didn't do this. Though similar to you probing ACINQ's node one could probabilistically learn which nodes tend to have unannounced channels and gain some speedup by probing those nodes first.
>
> Also wallets tend to have poor utxo management. So looking at the on-chain signal one can probably guess for a p2wsh to which two nodes it might belong and try them first.
>
> These two strategies should reduce the number of tested nodes for a newly seen p2wsh output significantly and probably make it feasible to probe the network as new blocks come in.
>
> With kind regards Rene Pickhardt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20220613/10ec2bcf/attachment.html>;
Tony Giorgio [ARCHIVE] /
npub1a3β¦7w4e3
2023-06-09 13:06:12
in reply to nevent1qβ¦0t5z
Author Public Key
npub1a3nqqp7wlnu0sth8lpcqzcv9379xnpqesgerskr2gevkxcgmxz7st7w4e3Published at
2023-06-09 13:06:12Event JSON
{
"id": "4e3df03383cfd9a7902c29771e36bb7f8f135d2a713bbb06d50461748c5e4821",
"pubkey": "ec660007cefcf8f82ee7f8700161858f8a698419823238586a465963611b30bd",
"created_at": 1686315972,
"kind": 1,
"tags": [
[
"e",
"1618107891053511544f6de09f3eea688dfa07aedf80db4d3c530a52a0cbd29b",
"",
"root"
],
[
"e",
"60bf5569a89ce76c35e9af93a0e698203ab17604cba4aae050391685415baa6d",
"",
"reply"
],
[
"p",
"17ccd89be295c0ae65f1cd3740a9dad84ec8b6d7050712a7f04ae5284b2fab99"
]
],
"content": "π
Original date posted:2022-06-13\nπ Original message:\nRene,\n\nThanks for your reply.\n\n\u003e Also wallets tend to have poor utxo management. So looking at the on-chain signal one can probably guess for a p2wsh to which two nodes it might belong and try them first.\n\nβ\nThat was going to be one of my next steps. I thought about parsing through the data from https://github.com/lnresearch/topology in order to get a link between every unpsent p2wsh transaction up to 6 hops forward from the opening transaction between two nodes. Then keep a list of every node and their possible p2wsh transactions and probe with those. Should cut down a lot but I have not run through this dataset problem yet. Curious if you think that would be the best process moving forward with this.\n\nOtherwise, going through LSP's with the assumption set, like I did with ACINQ would probably yield further results.\n\nRegards,\nTony\n------- Original Message -------\nOn Wednesday, June 8th, 2022 at 12:42 AM, RenΓ© Pickhardt \u003cr.pickhardt at googlemail.com\u003e wrote:\n\n\u003e Dear Tony,\n\u003e\n\u003e Thank you for putting emphasis on this. I was actually waiting for someone to publicly exploit this.\n\u003e\n\u003e\u003e The reason this is possible is because [...] currently channel IDs are based on UTXO's. Scid aliases may be the biggest benefit here, but the use of `unknown_next_peer` , `invalid_onion_hmac`, `incorrect_cltv_expiry`, and `amount_below_minimum` have been the biggest helpers in exploiting channel privacy.\n\u003e\n\u003e Just for reference the exploit with short_channel_ids is known since 2019:\n\u003e\n\u003e https://github.com/lightning/bolts/issues/675\n\u003e\n\u003e Though it is nice you point out explicitly the use of error codes of onions.\n\u003e\n\u003e\u003e By creating a probe guessing the Channel ID based on unspent p2wsh transactions, it's a `m * n` problem to probe the entire network, where `m` is utxos and `n` is nodes.\n\u003e\n\u003e It is the main reason why I didn't do this. Though similar to you probing ACINQ's node one could probabilistically learn which nodes tend to have unannounced channels and gain some speedup by probing those nodes first.\n\u003e\n\u003e Also wallets tend to have poor utxo management. So looking at the on-chain signal one can probably guess for a p2wsh to which two nodes it might belong and try them first.\n\u003e\n\u003e These two strategies should reduce the number of tested nodes for a newly seen p2wsh output significantly and probably make it feasible to probe the network as new blocks come in.\n\u003e\n\u003e With kind regards Rene Pickhardt\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20220613/10ec2bcf/attachment.html\u003e",
"sig": "897d51cf6bc97f0e84c822b5d3fca4687866e1240e156fed56c1ab39fca5d12a90e8c52ee29a2981d9fbc2844466134cf9c418f04470cafdfdf4cdcf52d211fd"
}