Disclosure: LND Excessive Failback Exploit

Posted by ariard

Mar 19, 2025/22:49 UTC

The proposed spec change adjusts the guidelines for handling HTLCs (Hashed Time-Locked Contracts) in the Lightning Network. The current specification gives nodes discretion to fail back HTLCs for which a preimage is known under certain circumstances, under a "MAY" clause: nodes have the option, but not an obligation, to act in this manner. The suggested modification replaces this flexibility with a more definitive guideline, a "SHOULD NOT" stance on failing incoming HTLCs when the preimage is disclosed.

This adjustment is rooted in the technical nuances associated with the inclusion of HTLCs in commitment transactions. The distinction between an HTLC being included or not in the commitment transaction bears significant implications. When not included, failing the HTLC backward does not present a challenge. However, complications arise when the HTLC is part of the commitment transaction, especially considering the variable nature of mempool feerates which influence the cost-effectiveness of confirming the commitment transaction on the incoming channel.

Moreover, the reliance on cooperative behavior from the LN channel counterparty is underscored as a critical factor. The existing framework, particularly BOLT5 which outlines recommendations for on-chain transaction handling, implicitly assumes that nodes can depend on their counterparties' cooperation to resolve disputes or operational challenges off-chain. This proposed change emphasizes the potential limitations of this assumption, highlighting scenarios where the decision to fail back is not materialized on-chain, thus necessitating a reevaluation of reliance on interactivity for resolving such matters.

In essence, the proposal not only seeks to refine operational precision within the Lightning Network by clarifying the conditions under which HTLCs should not be failed back but also addresses broader considerations regarding network reliability and the dependence on cooperative counterparties.
