bitcoin-dev

Demonstrating Pinning Attacks under Real-World Conditions

Original post by Antoine Riard

Posted on: August 27, 2024 21:10 UTC

Antoine follows up on Dave Harding's suggestion to strengthen the Bitcoin ecosystem by standing up several "free-to-pwn" lightning nodes on mainnet.

The aim is to let researchers carry out sophisticated cross-layer attacks, such as pinning, against nodes set up for that purpose, so that their feasibility and severity can be demonstrated under real-world conditions. Antoine stresses that executing an attack on a private regtest or testnet is very different from doing so on mainnet, where the outcome can be examined and debated by a broader audience. This mirrors the standards of major security conferences, which require artifacts to back up a demonstrated result.

The proposed setup for these demonstration targets is a full node (such as Bitcoin Core or btcd) running alongside a lightning node (such as core-lightning, ldk, or lnd), both configured with default mainnet settings. Default settings matter because testnet and regtest lack the complex behaviors and mempool congestion cycles seen on mainnet, which makes them poor stand-ins for realistic testing. Anyone interested in demonstrating an attack technique is encouraged to fund the opening of new channels, provided the amount meets the minimum threshold needed for a meaningful attack.

Antoine also addresses the likely objection that full-node software and lightning implementations are too complex for such demonstrations to be fair. He suggests that some experts and maintainers may be trading on users' trust in the protocol's robustness, potentially misleading them about the safety of their funds and the economic viability of Lightning Service Providers (LSPs). By enabling public demonstrations of cross-layer attacks like pinning, he hopes to expose these complexities and vulnerabilities and give the community a transparent, verifiable basis for assessing the protocol's security.

Lastly, Antoine says he is eager to showcase pinning attacks under real-world conditions, emphasizing public verifiability, which tests on private infrastructure cannot offer. His message points back to a previous call for such demonstrations at a transaction relay workshop in 2021, and closes with a critique of certain social media personalities and podcast hosts who, while presenting themselves as open-source veterans, may not fully weigh the consequences of their positions for end-user safety and trust.

For further information, see the original post in the Linux Foundation's mailing list archive.