dos on a bitcoin lightning network channel
play

DoS on a Bitcoin Lightning Network channel Willem Rens July 5, 2018 - PowerPoint PPT Presentation

Nov 16, 2023 •440 likes •670 views

DoS on a Bitcoin Lightning Network channel Willem Rens July 5, 2018 MSc Systems and Network Engineering University of Amsterdam Research Project 2 Introduction Bitcoin has a hard time scaling. The Bitcoin Lightning Network was proposed

  1. DoS on a Bitcoin Lightning Network channel Willem Rens July 5, 2018 MSc Systems and Network Engineering University of Amsterdam Research Project 2

  2. Introduction • Bitcoin has a hard time scaling. • The Bitcoin Lightning Network was proposed in 2015 by Poon and Dryja. • A low-latency payment network using Bitcoin’s blockchain as its arbitration layer. 1

  3. Potential DoS vulnerability? “If one does not broadcast a transaction at the correct time, the counterparty may steal funds.” 2

  4. Research questions • Can bitcoin in a Lightning Network channel be stolen by a successful DoS attack? • Is it possible to carry out this attack in version 0.4.2 of the Lightning Labs Lightning Network daemon? 3

  5. Related work • McCorry et al. (2016) Regarding Lightning Network channels they state: “The revocation mechanism requires both parties to check the Blockchain periodically to detect if a previously revoked channel state has been submitted” • BitPico (2018) DDoS sends down 20% of Lightning nodes. 4

  6. Approach to answer research question 1 RQ1. Can bitcoin in a Lightning Network channel be stolen by a successful DoS attack? 1. Explore the design of preventing old channel states to be accepted into the blockchain. 2. Create theoretical attack. 5

  7. Lightning channel fundamentals • Bitcoin’s scripting system. • The Lightning Network is created by bidirectional payment channels. • Real Bitcoin transactions, but not included in the blockchain. Funding transaction The transaction that creates a channel. It has a multisignature output. Commitment transaction A transaction that embodies a channel state and pays out the respective balances to each channel actor. 6

  8. Old channel state invalidation • RSMC spendable in two ways • By broadcaster after a relative time-lock has finished, enforced by OP CSV. • By counterparty when using a Breach Remedy Transaction(BRT). 7

  9. Old channel state invalidation So to invalidate an old state, actors exchange the needed data to create the BRT. It follows that, broadcasting an old commitment transaction gives the counterparty an opportunity to claim all the bitcoin in the channel during the time-lock. After the time-lock both can claim the bitcoin. 8

  10. The Attack in theory 9

  11. Approach to answer research question 2 RQ2. Is it possible to carry out this attack in version 0.4.2 of the Lightning Labs Lightning Network daemon? 1. Bitcoin core v0.16.0 1 on Bitcoin’s testnet3. 2. Lighting Labs Lightning Network daemon 2 (LND) v0.4.2-beta. 3. Mallory opens channel with Alice. 4. Mallory pays Alice over the Lightning Network. 5. Mallory tries to get old favorable channel state in Bitcoin’s testnet3 blockchain. 1 https://bitcoin.org/en/release/v0.16.0 2 https://github.com/lightningnetwork/lnd/releases/tag/v0.4.2-beta 10

  12. Approach to answer research question 2 Figure 2: The server set-up during the experiment(s). Server 1’s Eth0 interface will be disabled to simulate a successful DoS attack. 11

  13. Getting access to an old channel state in the LND To attack we need the commitment and time locked output sweep transaction. • Adjusts source code to log the relevant transactions (see paper for details). • Save old state data directory and initialize the LND with it. 12

  14. DoS duration The time lock is expressed in blocks, that must pass after the commitment transaction is confirmed on the blockchain. • Time lock duration scales linearly according to the channel value. • Max 2016 blocks (14 days), min 144 blocks (1 day). 13

  15. Attack results • Attack success: Mallory got all her bitcoin back (minus transaction fees). • Expected attack time: 24 hour and 10 minutes (145 blocks). • Actual attack time: 43 hours, 3 minutes and 49 seconds. See paper or back-up slides for relevant transaction ID’s. 14

  16. Discussion • Only short up-time is needed for the counterparty. • Price of $6700 per bitcoin: attack is profitable at an estimated attacking cost that is lower than $3.33 per hour. hourlyAttackerCostLimit = ( bitcoinChannelValue ∗ bitcoinPrice ) − TxFees (144 / ( OP CSVlocktime + 1)) / 24 • Watchtowers 15

  17. Conclusion • Attack presented in theory. • Successfully executed this attack using the LND. • Although simulated, a real DoS attack would achieve the same results. • In the Lightning Network it is possible to claim bitcoin that belongs to a counterparty by making use of a DoS attack. • For profit attacks not yet seen in the wild. • Hard-coded channel value limit. • Acceptance limited to a few early adopters. • Lightning Network software is in beta. 16

  18. Future work • Real DoS instead of simulation. • Multi-hop channel context. 17

  19. Questions? 17

  20. Backup slides: transaction ID’s Transaction type Transaction ID In blockchain? Funding transac- 7d0d80c916fc956e555ae4d2bb516ac4 Yes tion 9dc8efbb990bb9427317d8e2e1bbba17 Old channel state b06cc0d70d3a8faef975aab390c87027 Yes commitment 4c9b963cde8d3754f1959f1874d620fc transaction Time locked out- 099f1135d7ff29a318f31c45dff2b69e Yes put sweep transac- 7e3ea6971d2b68dd9a5974f8738a7e07 tion Latest channel ef5c8326cf522f0a4f30c818e8de8613 No. state commitment 585b2768f22d5b98b6c29e7c3e99d726 transaction Table 1: Relevant Bitcoin testnet3 transactions.

  21. Backup slides: different channel closures

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01

nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01

nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01 @n1ckler A smart home A Bitcoin node A lonely datacenter Robustness Do you trust binaries from some cache or do you build from source? Do

411 views • 29 slides
Quantitative Analysis of Lightning Network Privacy Sergei Tikhomirov (University of Luxembourg),

Quantitative Analysis of Lightning Network Privacy Sergei Tikhomirov (University of Luxembourg),

Quantitative Analysis of Lightning Network Privacy Sergei Tikhomirov (University of Luxembourg), Pedro Moreno-Sanchez (TU Wien), Matteo Maffei (TU Wien) Full paper: https://eprint.iacr.org/2020/303 Why Lightning? Bitcoin scales poorly (~3

436 views • 17 slides
L is for Lightning! An analysis and comparison of lightning and lightning incidents in Co L

L is for Lightning! An analysis and comparison of lightning and lightning incidents in Co L

STRUCK BY LIZ LIGHTNING PRODUCTIONS PRESENTS: L is for Lightning! An analysis and comparison of lightning and lightning incidents in Co L orado versus F L orida By: Elizabeth Liz Lightning Prasse Why lightning? Personal survivor

423 views • 23 slides
Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Cryptocurrency Technologies Mechanics of Bitcoin Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin Scripts Bitcoin Blocks The Bitcoin Network Limitations and Improvements Mechanics of

695 views • 33 slides
Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed Computing Group www.disco.ethz.ch What is Bitcoin? What is Bitcoin? + What is Bitcoin? = + Whats it worth? USD / Bitcoin exchange price 300

752 views • 48 slides
Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers are not trusted: may be greedy or corrupt Each peer knows about all bitcoins and transactions Transaction (sender -> receiver): sender

958 views • 23 slides
Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin work? The characteris5cs of Bitcoin WHAT IS BITCOIN Bitcoin is a form of digital currency, created and held electronically. No one controls it.

839 views • 17 slides
Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti, Pramod Viswanath Untraceable Bitcoin https://www.youtube.com/watch?v=k8LqlMzEe-I This is false. Blockchain sd93fjj2 Bitcoin Primer

284 views • 26 slides
A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital currency Anyone can be part of the network Global distributed ledger called blockchain First Appearance Bitcoin: A Peer-to-Peer Electronic

4.02k views • 48 slides
Network Layer October 2, 2019 guha.jayachandran@sjsu.edu Layer 2: Protocol atop Layer 1

Network Layer October 2, 2019 guha.jayachandran@sjsu.edu Layer 2: Protocol atop Layer 1

Network Layer October 2, 2019 guha.jayachandran@sjsu.edu Layer 2: Protocol atop Layer 1 (Lightning, Plasma, etc.) Layer 1: Coin protocol (Bitcoin, Ethereum, etc.) Layer 2: Protocol atop Layer 1 (Lightning, Plasma, etc.) Layer 1: Consensus

168 views • 12 slides
Ant routing for the Lightning Network (with C. Grunspan) Ricardo P erez-Marco @rperezmarco

Ant routing for the Lightning Network (with C. Grunspan) Ricardo P erez-Marco @rperezmarco

Decentralized Networks Lightning Network. Biological ant routing Basic ant routing for LN Ant routing for the Lightning Network (with C. Grunspan) Ricardo P erez-Marco @rperezmarco webusers.imj-prg.fr/ ricardo.perez-marco CNRS,

1.32k views • 115 slides
Mining, network, economics Joseph Bonneau Recap: Bitcoin miners

Mining, network, economics Joseph Bonneau Recap: Bitcoin miners

Lecture 2 Mining, network, economics Joseph Bonneau Recap: Bitcoin miners Bitcoin depends on miners to: Store and broadcast the block chain Validate new transactions Vote (by hash

1.1k views • 98 slides
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae Kim* *KAIST, Sungkyunkwan University 1 Governance conflict The number of Bitcoin transaction per month Bad scala bility

731 views • 46 slides
On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University

On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University

On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University QCrypt 2018 SUMMARY The Bitcoin network will become less secure once Bitcoin miners use a quantum computer. Quantum Bitcoin mining a high

872 views • 24 slides
Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Cryptocurrency Technologies Bitcoin as a Platform Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments Token tracking Multiparty lotteries Public randomness Prediction markets A fine stew

714 views • 38 slides
Transaction clustering using network traffic blockchains analysis for Bitcoin and derived

Transaction clustering using network traffic blockchains analysis for Bitcoin and derived

Transaction clustering using network traffic analysis for Bitcoin and derived Transaction clustering using network traffic blockchains analysis for Bitcoin and derived blockchains Biryukov, Tikhomirov Introduction Network privacy Alex

491 views • 30 slides
Boundary Channel Drive Interchange Boundary Channel Drive/I-395 Interchange Improvements

Boundary Channel Drive Interchange Boundary Channel Drive/I-395 Interchange Improvements

Boundary Channel Drive Interchange Boundary Channel Drive/I-395 Interchange Improvements Existing Conditions Existing Conditions Existing Conditions Existing Conditions 14 th Street Bridge Corridor EIS 14 th Street Bridge Corridor EIS Concept

326 views • 18 slides
PRESENTATION FINAL REPORT Session 1 PRESENTATION OF THE EVALUATION AND METHODOLOGY ADOPTED

PRESENTATION FINAL REPORT Session 1 PRESENTATION OF THE EVALUATION AND METHODOLOGY ADOPTED

Evaluation of EC aid delivery through Civil society organisations PRESENTATION FINAL REPORT Session 1 PRESENTATION OF THE EVALUATION AND METHODOLOGY ADOPTED Objectives of the CSO evaluation To obtain comprehensive picture of aid

1.01k views • 58 slides
TRIPWIRE ENTERPRISE SERVER - UBIT Tech Review February 2019 John Ball

TRIPWIRE ENTERPRISE SERVER - UBIT Tech Review February 2019 John Ball

TRIPWIRE ENTERPRISE SERVER - UBIT Tech Review February 2019 John Ball john@buffalo.edu 1 What is Tripwire? Enterprise Security Configuration Management (SCM) tool Standards Compliance software - File

155 views • 11 slides
ACADI: Automatic Character (in Audiovisual Document) Indexing Frdric GIANNI and Julien

ACADI: Automatic Character (in Audiovisual Document) Indexing Frdric GIANNI and Julien

ACADI: Automatic Character (in Audiovisual Document) Indexing Frdric GIANNI and Julien PINQUIER Ewa KIJAK IRIT - Universit Paul Sabatier IRISA 118, route de Narbonne Campus de Beaulieu 31062 Toulouse Cedex 9, FRANCE 35042 Rennes

328 views • 4 slides
Presentation plan: 1-2 hour training Teams enhances the way teachers and students share

Presentation plan: 1-2 hour training Teams enhances the way teachers and students share

Course 3: Working with students 1/14 Presentation plan: 1-2 hour training Teams enhances the way teachers and students share information, ISTE Educator learn, and connect with each other. In this course, teachers Standards: 1B, 2C,

787 views • 14 slides
AutoSlim: Towards One-Shot Architecture Search for Channel Numbers Jiahui Yu, and Thomas Huang

AutoSlim: Towards One-Shot Architecture Search for Channel Numbers Jiahui Yu, and Thomas Huang

AutoSlim: Towards One-Shot Architecture Search for Channel Numbers Jiahui Yu, and Thomas Huang University of Illinois at Urbana-Champaign Presenter: Yuchen Fan EMC2 Workshop @ NeurIPS 2019 1 Motivation What is the goal of this work?

197 views • 6 slides
Modeling IEEE 802.15.4 based Wireless Sensor Network with Packet Retry Limits Prasan Kumar Sahoo

Modeling IEEE 802.15.4 based Wireless Sensor Network with Packet Retry Limits Prasan Kumar Sahoo

Modeling IEEE 802.15.4 based Wireless Sensor Network with Packet Retry Limits Prasan Kumar Sahoo Vanung University, Taiwan Jang-Ping Sheu National Tsing Hua University, Taiwan Outline Introduction Objectives System Model

834 views • 38 slides
Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis

Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis

Simplifying Pillar Management with Forms and Formulas in SUSE Manager TUT1053 Raine Curtis Patrick Swartz N America Core Services Team Lead, Consultant Sales Engineer rcurtis@suse.com patrick.swartz@suse.com SUSE SUSE 1 Agenda The

634 views • 49 slides

More recommend