Eclipsing Bitcoin Nodes with BGP Interception Attacks

Sep 4 - Oct 14, 2025

  • The discussion explores how BGP hijacking can be used to eclipse Bitcoin nodes and finds that this class of attack poses a significant risk to the network's security.

Attackers who manipulate BGP routes can intercept or tamper with the traffic of Bitcoin nodes, enabling abuses such as wasting mining power and double spending. The stealthier interception variant uses BGP communities to limit how far the malicious announcement propagates, which makes it harder to detect while still letting the attacker forward traffic on to its legitimate destination. A proof-of-concept implementation demonstrated the practicality of such attacks: targeting the specific IP prefixes that host Bitcoin nodes could hijack a considerable share of node traffic without raising alarms, because the announcements are lost in the daily volume of BGP updates.

To counter these threats, several mitigations are proposed, including leveraging networking data that nodes can already observe, periodically rotating peers, and using dynamic port negotiation. Incorporating traceroute capabilities into Bitcoin Core could enable route-aware peer selection, strengthening the network's defense by prioritizing path diversity. Furthermore, running honeypot monitoring nodes and integrating external monitoring tools designed for Bitcoin Core could help detect BGP attacks and improve node resilience through comprehensive monitoring.
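As an added illustration of the route-aware, path-diversity peer selection described above (this is not code from the discussion or from Bitcoin Core): the peer names and AS paths below are constructed, standing in for what a traceroute plus IP-to-AS lookup would produce, and the greedy selection and single-AS coverage check are one possible design, not the one any proposal specifies.

```python
from collections import Counter
from typing import Dict, List, Tuple

# Constructed sample: candidate peer -> AS path observed from this node.
# ASNs are from the private range (hypothetical); a real implementation
# would build these from traceroute hops mapped to origin ASes.
CANDIDATES: Dict[str, List[int]] = {
    "peer-a": [64500, 64510, 64520],
    "peer-b": [64500, 64510, 64521],
    "peer-c": [64500, 64511, 64530],
    "peer-d": [64501, 64540, 64550],
    "peer-e": [64501, 64540, 64551],
    "peer-f": [64502, 64560],
}


def select_diverse_peers(candidates: Dict[str, List[int]], k: int) -> List[str]:
    """Greedily pick k peers whose AS paths share as few ASes as possible
    with the paths already chosen, so no single AS sits on most paths."""
    chosen: List[str] = []
    seen: Counter = Counter()          # AS -> number of chosen paths it is on
    remaining = dict(candidates)
    while remaining and len(chosen) < k:
        # Overlap score = how many chosen paths already traverse this path's ASes;
        # the peer name is a tie-breaker to keep the choice deterministic.
        best = min(remaining, key=lambda p: (sum(seen[a] for a in set(remaining[p])), p))
        chosen.append(best)
        seen.update(set(remaining.pop(best)))
    return chosen


def max_as_coverage(candidates: Dict[str, List[int]], chosen: List[str]) -> Tuple[int, float]:
    """Return the AS present on the most chosen paths and the fraction of
    chosen paths it covers; a high fraction means one AS could eclipse the node."""
    seen: Counter = Counter()
    for p in chosen:
        seen.update(set(candidates[p]))
    asn, count = seen.most_common(1)[0]
    return asn, count / len(chosen)


def eclipse_risk(candidates: Dict[str, List[int]], chosen: List[str], threshold: float = 0.5) -> bool:
    """True when a single AS lies on more than `threshold` of the chosen paths."""
    return max_as_coverage(candidates, chosen)[1] > threshold
```

Selecting the first three candidates in order puts AS 64500 on every path, while the diversity-aware selection leaves no AS on more than one of the three.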

The discussion underscores the importance of authentication in preventing man-in-the-middle attacks, highlighting the role of countersign technology. Countersign could make attacks detectable even by a few nodes, significantly improving security measures. Additionally, maintaining an alternative internet connection, such as a satellite feed receiver, is suggested as a valuable strategy for enhancing security.

Monitoring specific metrics, such as the number of connection path changes and the churn rate of non-reachable nodes, can help detect unusual activity indicative of an attack. Aggressive probing and anomaly detection are discussed as potential countermeasures, along with the need for continuous monitoring to identify and respond to route changes.

The dialogue also touches on the potential for network-level attacks against Bitcoin and the role of BIP324 and StratumV2 in mitigating such risks. The use of alternative connection types like Tor or I2P is considered, with their configuration playing a crucial role in either exacerbating or mitigating attacks. The conversation highlights the need to raise awareness among node operators about network attack vulnerabilities and urges the adoption of routing security measures such as tight ROAs and ASPA.

Furthermore, the email exchanges delve into the significance of fingerprinting attacks and network topology mapping for security. They emphasize the need for educational efforts to inform Bitcoin node operators and Lightning Network participants about recognizing and mitigating these vulnerabilities. Given how closely Lightning operators and Bitcoin node runners overlap, the importance of including educational content on Lightning Network operations is acknowledged.
