V3 transaction policy for anti-pinning

Original Post by harding

Posted on: January 8, 2024 00:46 UTC

The post examines a potential pinning vulnerability affecting v3 transactions.

The vulnerability under consideration is most severe in scenarios where a commitment transaction lacks any pending HTLCs (Hash Time-Locked Contracts). In such cases, an attacker could intentionally lower the fee rate of the transaction cluster by absorbing the cost of fees themselves. This form of attack would primarily result in a delay for the victim, referred to as Bob, in spending their channel funds, while the attacker, known as Mallory, bears the financial burden of the fees.

Further analysis suggests that the effectiveness of this attack diminishes with the presence of pending HTLC outputs. Each additional HTLC reduces the impact of the attack due to the smaller relative size difference between the transactions involved. An interesting countermeasure involves Bob opting to pay out-of-band to increase the transaction fees for both his commitment transaction and Mallory's pinning transaction. This strategy could potentially result in Bob paying less in fees than he would have if the attack had not occurred, turning the financial consequences onto Mallory.

Nonetheless, the necessity to make out-of-band payments to counter such attacks is considered harmful to the principles of mining decentralization. Despite these concerns, the overall implications suggest that the described pinning attack may be ineffective, especially when considering the potential countermeasures available to the party under attack.