Onion Message Jamming in the Lightning Network

The challenges with implementing base protocols for wide-scale deployment largely stem from the inherent security versus usability tradeoff. When these protocols are deployed without conditions, they can negatively impact user experience. A notable example is in scenarios where all onion messaging requires payment for transit, potentially allowing individuals to exploit the system by issuing BOLT 12 invoices and then failing to respond. This scenario places a financial burden on the sender, which varies based on several factors such as retry cadence, the cost of the selected message transmission route, timeout settings, and the budget allocated for fetching the invoice.

At the Zurich summit in 2021, a concept named "Forwarding Passes" was proposed to mitigate these issues (read more about the discussion). This idea revolves around using a per-node reputation currency created through symmetric cryptography. To navigate through a node, one must first acquire a freebie pass through either an initial failed payment or a specific Local Service Provider (LSP) bootstrapping mechanism. Subsequent successful payments that include this pass may result in additional benefits or enhanced reputation for the sender within the node's network.

This approach aims to maintain network operation during attacks by allowing nodes to operate under reduced functionality when faced with spam or abuse. Nodes can implement local policies to manage traffic, such as accepting only those forwarding passes which meet certain criteria like age or accumulated routing fees. However, potential downsides include the ability for a forwarding node to correlate senders to some extent due to the pseudonymous nature of the identifiers used, which do not disclose fully anonymous data like public keys.

Furthermore, there remains an ongoing debate regarding the optimal level of fees necessary to balance the deterrence of attackers (including well-funded ones) and the facilitation of honest traffic. The struggle to find this balance underscores the complexity of implementing market-based mechanisms in network protocols, highlighting the need for strategic fee setting to avoid disproportionately impacting regular users while still deterring malicious activities.