bitcoin-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original Postby ziggie1984

Posted on: October 17, 2023 07:21 UTC

In this email, the sender acknowledges the detailed explanation provided by Antoine regarding a class of pinning attacks.

The sender expresses concern about the likelihood of such attacks, particularly if the attacker targets channels with high capacity and loose channel policies. The sender requests more details about the attack observed on the mainnet and asks for information on monitoring tools that can be used in parallel with lightning software to record suspicious behavior.

The sender also highlights an important aspect of the attack, stating that controlling two neighboring nodes is not necessary to target a victim. By cycling the attack on the tail side and delaying the confirmation of the htlc-timeout covenant, the peer at the front of the victim's incoming link will force-close the channel and claim the timeout-path. This action cancels back the initial htlc amount to the attacker's initial node. Additionally, the sender suggests introducing a feebumping race between the victim and the attacker on the tail side of the attack to make it even more costly.

The sender proposes a solution for lightning nodes when they see the preimage in the mempool. Currently, they extract the preimage and don't attempt to race the transaction output. However, the sender suggests aggressively fee-bumping the htlc-output if the preimage is visible and can also be claimed via the htlc-timeout path. This would only be feasible with anchor channels where fees can be added to the htlc-covenant. By using fees up to 50% of the htlc value, the attack would become more costly for a peer attempting to steal the htlc.

Furthermore, the sender recommends adding another mitigation strategy for node runners, which involves restricting the amount and number of HTLCs for big channels to unknown peers. This limitation would result in a loss for attackers attempting to steal small HTLCs.

Overall, the email discusses the possibility of pinning attacks, requests more information about a specific attack, proposes additional mitigation strategies, and suggests fee-bumping as a countermeasure.