Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Mass Exit Attacks on the Lightning Network

Cosimo Sguanci, Anastasios Sidiropoulos

TL;DR

This work shows that, under historically-plausible congestion conditions, with mild statistical assumptions on channel balances, the proposed attacks can be performed by a small coalition of adversarial nodes in the presence of a large set of honest users.

Abstract

The Lightning Network (LN) has enjoyed rapid growth over recent years, and has become the most popular scaling solution for the Bitcoin blockchain. The security of the LN relies on the ability of the nodes to close a channel by settling their balances, which requires confirming a transaction on the Bitcoin blockchain within a pre-agreed time period. We study the susceptibility of the LN to mass exit attacks in case of high transaction congestion, in the presence of a small coalition of adversarial nodes that forces a large set of honest users to interact with the blockchain. We focus on two types of attacks: (i) The first is a zombie attack, where a set of k nodes become unresponsive with the goal of locking the funds of many channels for a period of time longer than what the LN protocol dictates. (ii) The second is a mass double-spend attack, where a set of k nodes attempt to steal funds by submitting many closing transactions that settle channels using expired protocol states; this causes many honest nodes to have to quickly respond by submitting invalidating transactions. We show via simulations that, under historically plausible congestion conditions, with mild statistical assumptions on channel balances, both attacks can be performed by a very small coalition. To perform our simulations, we formulate the problem of finding a worst-case coalition of k adversarial nodes as a graph cut problem. Our experimental findings are supported by theoretical justifications based on the scale-free topology of the LN.

Mass Exit Attacks on the Lightning Network

TL;DR

This work shows that, under historically-plausible congestion conditions, with mild statistical assumptions on channel balances, the proposed attacks can be performed by a small coalition of adversarial nodes in the presence of a large set of honest users.

Abstract

The Lightning Network (LN) has enjoyed rapid growth over recent years, and has become the most popular scaling solution for the Bitcoin blockchain. The security of the LN relies on the ability of the nodes to close a channel by settling their balances, which requires confirming a transaction on the Bitcoin blockchain within a pre-agreed time period. We study the susceptibility of the LN to mass exit attacks in case of high transaction congestion, in the presence of a small coalition of adversarial nodes that forces a large set of honest users to interact with the blockchain. We focus on two types of attacks: (i) The first is a zombie attack, where a set of k nodes become unresponsive with the goal of locking the funds of many channels for a period of time longer than what the LN protocol dictates. (ii) The second is a mass double-spend attack, where a set of k nodes attempt to steal funds by submitting many closing transactions that settle channels using expired protocol states; this causes many honest nodes to have to quickly respond by submitting invalidating transactions. We show via simulations that, under historically plausible congestion conditions, with mild statistical assumptions on channel balances, both attacks can be performed by a very small coalition. To perform our simulations, we formulate the problem of finding a worst-case coalition of k adversarial nodes as a graph cut problem. Our experimental findings are supported by theoretical justifications based on the scale-free topology of the LN.
Paper Structure (36 sections, 1 equation, 8 figures, 1 table)

This paper contains 36 sections, 1 equation, 8 figures, 1 table.

Table of Contents

  1. Introduction
  2. The attacks
  3. Our main results
  4. Theoretical justification
  5. Organization
  6. Selecting an adversarial coalition as a graph cut problem
  7. The graph cut problem
  8. From graph cuts to mass exit attacks
  9. From $k$-LMC to zombie attacks
  10. From $k$-LWMC to mass double-spend attacks
  11. Computing lopsided max-cuts
  12. The experimental setup
  13. Modeling layer-1 congestion
  14. Modeling the strategy of honest nodes
  15. Results of the Zombie Attack
  16. ...and 21 more sections

Figures (8)

  • Figure 1: The value of the greedy solutions for $k$-LMC and $k$-LWMC, as a function of $k$.
  • Figure 2: Levels of congestion between December 2017 and February 2018, showing the end of the period of congestion that started around Dec. 6, 2017.
  • Figure 3: Remaining zombie channels to close as a function of time measured in blocks, for various fee ranges, with static honest player strategy, in scenario 1 (attacking the best LMC on the left and 30-LMC on the right) and scenario 2 (in the center).
  • Figure 4: Time measured in blocks needed to close all the zombie channels, as a function of the fee used by the victims for different values of $k$, with static honest player strategy, in scenario 1 (left) and scenario 2 (right).
  • Figure 5: Number of blocks needed to close all the zombie channels, with dynamic honest player strategy, as a function of the step parameter, in scenario 1, attacking 30-LMC (beta=1.01 on the left, beta=1.1 on the right) and 1 million zombie channels, in the center (beta=1.01).
  • ...and 3 more figures