bitcoin-dev
Scaling Lightning Safely With Feerate-Dependent Timelocks
Posted on: December 14, 2023 17:07 UTC
The Lightning Network's efficiency relies on timelocks, which are susceptible to "forced expiration spam" denial-of-service attacks.
These attacks involve mass channel closures that prevent honest users from completing transactions in time. Feerate-Dependent Timelocks (FDTs) have been proposed as a countermeasure, extending timelocks during high congestion and increased transaction fees. This deters attackers by making it cost-inefficient to lock funds with the intention of network flooding.
FDTs are designed to automatically adjust to varying blockchain conditions, enhancing security without sacrificing capital efficiency in normal fee environments. They also protect against dishonest miners who might manipulate transaction fees. The application of FDTs extends to channel factories, a feature that allows multiple channel creations within one transaction, posing an increased systemic risk.
A proposal for FDT implementation suggests using the nSequence field of Bitcoin transactions to encode maximum acceptable fees, ensuring that transactions adhere to predetermined timelocks and fee rates. This verification process is cost-effective in terms of computational and memory resources. Furthermore, FDTs correct previous inaccuracies in assessing double-spend attack risks, considering advanced strategies by dishonest miners.
The comprehensive paper detailing FDTs also explores their broader applications, such as preventing unexpected fee spikes and addressing specific transaction types within the Lightning Network. As a security measure, FDTs penalize attackers attempting forced expiration spam attacks by prolonging the timelocks on their funds. Moreover, FDTs assist in managing feerate risks and calculating fee penalties.
Despite requiring additional DRAM and computing power, the costs associated with implementing FDTs are minimal compared to their benefits. There is a call for Bitcoin's consensus rules to be updated to include FDT support. However, it is acknowledged that if attackers can choose the timing of a double-spend attack, they will succeed regardless of certain parameters, although the difficulty of carrying out such attacks increases substantially with these parameters in place.