The below is a direct excerpt of Marty’s Bent Issue #1106: “Jamming attacks on the Lightning Network and proposed solutions.” Sign up for the newsletter here.
Our good friend Gleb Naumenko dropped an incredible post today dissecting jamming attacks on the Lightning Network and a slew of proposed solutions from a number of developers working on the second layer protocol. A Jamming 101 explanation is described above, but to reiterate, it is akin to a distributed denial of service attack commonly waged against particular sites on the web. On the Lightning Network a similar attack can be waged by a malicious actor who takes up channel capacity by taking up sat real estate on a path by initiating a payment they never intend to complete. Freezing liquidity for other potential users who could send sats along the same path.
To date, this attack vector hasn’t been exploited to the best of my knowledge. However, it is certainly possible and it is probably most beneficial to recognize that and begin to devise mitigation techniques.
This is exactly what this group of developers has done. Every solution comes with tradeoffs, most of which pertain to privacy and fees. After reading through Gleb’s post a few times, it seems that the best proposal pertains creating a reputation token with a staking mechanism, which would likely reduce privacy while adding a fee to transactions. Even those that fail to get confirmed in a block. (If this sounds familiar, that’s because this is currently possible on Ethereum.)
Is this an unfixable problem? I doubt it. What I do know for sure is that I’m happy there are individuals like Gleb, Antoine Riard, Joost Jagr, roasbeef, niftynei, t-bast, and many others who are conducting critical research to identify problems and propose solutions.
If anything, posts like this are a reminder of how young the BNP/LP stack is and how much needs to be fortified and built out moving forward. Even if you’re not technical, I recommend reading this article. You’ll get a better understanding of the topology of the Lightning Network.
Credit: Source link