lightning-dev

Full Disclosure: CVE-2023-40231 / CVE-2023-40232 / CVE-2023-40233 / CVE-2023-40234 "All your mempool are belong to us"

Original post by Antoine Riard

Posted on: October 18, 2023 02:57 UTC

The email surveys mitigations for the Lightning attack described in these disclosure mails, weighing how much each one would actually buy a node operator.

The first mitigation is bumping the CLTV delta. A larger delta gives a node operator more blocks between noticing that a time-sensitive transaction is not confirming and the deadline by which it must confirm, so the operator can intervene and re-broadcast it over other network interfaces if the first one has been eclipsed. This serves as a basic line of defense against many Lightning attacks, not only this one.

A second mitigation is transaction re-signing, which could impose an economic cost on the attacker in terms of fees or feerates for each replacement. Whether the game theory behind that cost holds up, however, is an open question.

The email also considers the deployment of Stratum v2 as a way to make the attack harder. Because Stratum v2 lets individual miners build their own block templates rather than relying on a pool's template, an attacker would have to continuously replace the channel counterparty's transactions in many independent miners' mempools instead of a few pools' mempools. A complementary suggestion is a replacement buffer, or history of replaced transactions, at the mempool level, so that a transaction evicted by a replacement is not simply forgotten. Whether such a buffer can be made robust enough remains to be seen.
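To make the "replacement buffer or history" idea concrete, here is a toy mempool model added to this summary; it is not code from the post or from any Bitcoin implementation, and it is one reading of the suggestion, not the author's design. It keeps a simplified BIP125-style replacement rule (higher absolute fee plus incremental relay fee, and a higher feerate) and, when `keep_history` is set, re-admits an evicted transaction once the transaction that replaced it has itself disappeared. The transactions, outpoint names, fees and the 200 vB size are all constructed for the illustration. The scenario is the "continuously replace the counterparty's transaction" pattern the summary refers to: a victim's time-sensitive transaction is evicted by a conflicting replacement, which is then evicted by a second replacement that no longer conflicts with the victim's transaction, leaving the victim out of the mempool unless a history exists.

```python
"""Toy mempool with an optional replacement history (added illustration)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: frozenset      # outpoints spent, e.g. {"htlc:0", "attacker:1"} (constructed names)
    fee: int               # satoshis
    vsize: int = 200       # fixed size keeps the feerate arithmetic readable

    @property
    def feerate(self) -> float:
        return self.fee / self.vsize


class Mempool:
    def __init__(self, keep_history: bool, incremental_relay_fee: int = 1):
        self.txs: dict[str, Tx] = {}
        self.history: list[Tx] = []        # transactions evicted by a replacement
        self.keep_history = keep_history
        self.incremental = incremental_relay_fee   # sat/vB the replacement must add

    def conflicts(self, tx: Tx) -> list[Tx]:
        """Mempool transactions spending at least one of tx's inputs."""
        return [m for m in self.txs.values() if m.inputs & tx.inputs]

    def accept(self, tx: Tx) -> bool:
        conflicting = self.conflicts(tx)
        if conflicting:
            # Simplified BIP125 rules: pay at least the replaced fees plus the
            # replacement's own relay cost, and beat every replaced feerate.
            replaced_fee = sum(c.fee for c in conflicting)
            if tx.fee < replaced_fee + self.incremental * tx.vsize:
                return False
            if any(tx.feerate <= c.feerate for c in conflicting):
                return False
            for c in conflicting:
                del self.txs[c.txid]
                if self.keep_history:
                    self.history.append(c)
        self.txs[tx.txid] = tx
        if self.keep_history:
            self._readmit()
        return True

    def _readmit(self) -> None:
        """Bring back evicted transactions whose conflicts have since vanished."""
        still_blocked = []
        for old in self.history:
            if self.conflicts(old):
                still_blocked.append(old)
            else:
                self.txs[old.txid] = old
        self.history = still_blocked


def replacement_cycle(keep_history: bool) -> bool:
    """Run one replace-then-replace cycle; return True if the victim's tx survives."""
    pool = Mempool(keep_history)
    victim = Tx("victim_timeout", frozenset({"htlc:0"}), fee=2000)        # 10 sat/vB
    assert pool.accept(victim)
    # First replacement conflicts with the victim (same HTLC outpoint) and adds
    # an attacker-controlled input so it can later be replaced on its own.
    r1 = Tx("attacker_r1", frozenset({"htlc:0", "attacker:1"}), fee=2500)  # 12.5 sat/vB
    assert pool.accept(r1)
    # Second replacement conflicts only with r1; the HTLC outpoint is free again,
    # but without a history the victim's transaction is simply gone.
    r2 = Tx("attacker_r2", frozenset({"attacker:1"}), fee=3000)           # 15 sat/vB
    assert pool.accept(r2)
    return victim.txid in pool.txs


if __name__ == "__main__":
    print("victim survives without history:", replacement_cycle(False))
    print("victim survives with history:   ", replacement_cycle(True))
```

A real implementation would have to re-validate a re-admitted transaction (its inputs may have been spent in a block in the meantime), bound the history's size, and decide how long entries live, which is where the robustness question in the summary bites. Note also what the model leaves out: the attacker still has to run the cycle against every mempool that a template builder draws from, which is the Stratum v2 angle above.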

The email notes that fees were already flagged as a hard problem in the original paper, and suggests that people involved in Lightning's early design, such as Tadge or Rusty, may have further ideas for mitigations.

Overall, the email lays out three partial mitigations, bumping the CLTV delta, transaction re-signing, and Stratum v2 deployment (possibly with a mempool-level replacement buffer), while acknowledging that the fee question remains hard and inviting input from those who designed Lightning.