1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
|
Delivery-date: Tue, 30 Jul 2024 12:58:14 -0700
Received: from mail-ot1-f61.google.com ([209.85.210.61])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDRYHVHZTUGRBTULUW2QMGQE7WF4LSY@googlegroups.com>)
id 1sYsz8-0007BW-Bu
for bitcoindev@gnusha.org; Tue, 30 Jul 2024 12:58:14 -0700
Received: by mail-ot1-f61.google.com with SMTP id 46e09a7af769-7036d1f9acasf4999672a34.3
for <bitcoindev@gnusha.org>; Tue, 30 Jul 2024 12:58:14 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1722369488; cv=pass;
d=google.com; s=arc-20160816;
b=Cxsxg4hs/IR1mXbe0FkJ3XgOGmNsZ6FVbyv4Z1ucxUEz5KjiFzWksTS87mGjFy0RCR
Lha0sqTtC+oonC0QssEJFXA+vqZ5KINt3SmFqEZe1hjuWMpJ13mnXTwbyYEegrMCyRBo
aaB/CxJTBTYoLuKFSwn6ShQWKtcSLM0z4rr4I8Alryk5WoUXPEYJUKR5o59E+zcEptgc
4Kn8n7w73yE0pdwEB09VvWpbggfzO8fW9nr8ysBXLaYox17I56wcK3pLhuGd1puKqNGq
Yp/dvRw5kcIdBuCO5zi5Ifh+2TazfDlQ5qfHWSs5sRUAdJmJBZMTPimoiu3chGHq7VB6
pnog==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:in-reply-to:content-disposition
:mime-version:references:message-id:subject:cc:to:from:date
:feedback-id:sender:dkim-signature;
bh=MowZj5jz/v1LDel2tuDIT3njJ61kdSmj0ifNlZaJmy0=;
fh=16MhvNoztfiXexyxwrxM2ad4K5H31IWb1V209AQu7jc=;
b=XZRyMMad+x2L9h9rbR+xHZFkDsSu2pCs8CUsBnUnC2+rKRXMtpFhMJgwtRcd9vz1Z3
k4iD148PMXgP7lmzwEM8QPCcdosHchxoSXY3yaXDeEEvWB/1FneNKjKzx2yl6wSyhHqK
SYR/Sv06ujmA0mGeNfNcLzbnfpV5TucsVbegd0QmWdrzR/KYBuyi85ggLQ0ydjM3kJOP
9kbjskbaDjRK8MuJvSaCBbNhLnJm9Ursxcq2TLe7wTZvWIadIaP6N1NyClyK/wSMCIKg
ecy1jwNdaIcpIGPe6Kk8LyGl0qKMqoDj3285lY8nAvKVnI28aCzhPGJT+2IyFecubDnK
7BbA==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=FgfoCoVl;
spf=pass (google.com: domain of pete@petertodd.org designates 103.168.172.148 as permitted sender) smtp.mailfrom=pete@petertodd.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1722369488; x=1722974288; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:in-reply-to:content-disposition:mime-version
:references:message-id:subject:cc:to:from:date:feedback-id:sender
:from:to:cc:subject:date:message-id:reply-to;
bh=MowZj5jz/v1LDel2tuDIT3njJ61kdSmj0ifNlZaJmy0=;
b=xW6L82AyYYy9E7u5qKuhVvXIlMIIXul0R42985cP6gm5nk76SkvhHceX6jPDShUbaW
1BlJ762/rb7UzLtZd8t1GzmSC+V2nAAApbwPJr1L7xURg54mrZlnmpiAJ2KlQuAplrMt
MvGjvdybQ60IPV7jO2kJPLlBsS+mLIBk7+a6gFBxUw0VGxGj6mPL2rkx3xDgq0Imy9FL
tNeDPHDHdAyFbxqODVzOdVsB8tWYV1d+b5K12W0j+264TqlgWat4+8dMOouXE1bxkDC/
0oQ9CvKww5dYqRzAYfrSEr2jaKcrgWd9KOnDN1tc5J1GQFdhkw0PfMd6aGSx3KtKWha9
aMLA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1722369488; x=1722974288;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:in-reply-to:content-disposition:mime-version
:references:message-id:subject:cc:to:from:date:feedback-id
:x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
:message-id:reply-to;
bh=MowZj5jz/v1LDel2tuDIT3njJ61kdSmj0ifNlZaJmy0=;
b=u4iCqOK3FuoAMQYBIoBGFhJPUZWRF+J9lxG+V+RQYqMIBVzwOVPn+fsorNqZds7o7a
232xsUSooAWbcKpkyOh4OLac3Y1eFj02PtUev4fUTgVZPBDgHdd36ujRTOLrwBv4mYhS
hCE8KvWOQxE+9oNCHDBVMQwlwUUmBuO1zXXqTFhV8vS/MZf9xa9gIQ8SJfp9lpcJj5FY
P9+udFaTgQ9r62K+iUiSuzMztp635gwZPnEEKFc9Qgid0LpuwhhZ92srvSaJlFvqkv0Y
qO3xNHmXjDZ+XWQOEpqwG/cV03saNS7JWfWmk09D/PF1y2tMebK5WNRA+ENljQWtJcmF
HNRg==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCW+UC5Ksi+/oCznbiMuPBlgkyVUQ6E7Gav4sO9365qZ/zyTZYSmegRUcpoIFSKnLZ9+0R9hYWBA/LWtIDoituKwo+SXDHA=
X-Gm-Message-State: AOJu0Yzg3G54Qauxrp3j9uIGwcSuqdwzxt/U1pTylFWGB7E4gazFqCtD
2+zoYFlwhpuKDdDebbhIJCmAN3PpAdfUIdVcYvYrdn3mUvyxuWwX
X-Google-Smtp-Source: AGHT+IHDvMKUmF6205OPWprHilc6TlFvCbDY8gO/JJzYgKAVm/38oKIyVNydtgP/qoh5U2LMRIVNjA==
X-Received: by 2002:a05:6871:3a0f:b0:260:ee93:f388 with SMTP id 586e51a60fabf-267d4ee60d2mr15642212fac.32.1722369487823;
Tue, 30 Jul 2024 12:58:07 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a05:6870:798f:b0:24f:d281:c6c2 with SMTP id
586e51a60fabf-2649fcfde6dls4206180fac.2.-pod-prod-09-us; Tue, 30 Jul 2024
12:58:06 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCWq5WXOnv8cPt1bKbYVl2rBwhXlklm+fC/dUsU+NxP/mBpp8yVklP6KvbKZnwiMfOBRl+u15zyTpMXU1qcoiYDZqQZjv0wQa6z9J/U=
X-Received: by 2002:a05:6871:51e3:b0:259:83dc:34ce with SMTP id 586e51a60fabf-267d4d5340dmr265116fac.3.1722369486056;
Tue, 30 Jul 2024 12:58:06 -0700 (PDT)
Received: by 2002:aca:191a:0:b0:3db:178d:6ee6 with SMTP id 5614622812f47-3db4911ee39msb6e;
Tue, 30 Jul 2024 12:38:19 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCVbh+7EpGKnucpb6GXYlsJ/9/zN+9Gtgatiepb87d8JjqBljGl4LulGFKmA9nqQXSB81YK69P+MJ1bsAFosLkaUmdtSMVMl1oOjAFw=
X-Received: by 2002:a05:6820:1ca2:b0:5ce:a225:cbb2 with SMTP id 006d021491bc7-5d5d0d97bd3mr13224974eaf.1.1722368298251;
Tue, 30 Jul 2024 12:38:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1722368298; cv=none;
d=google.com; s=arc-20160816;
b=l1mGEOdeyif+bjOR8VKggkaez9koxGNhewdBX3/dd07UUu1CzMSWMdVrVoYM9ve/he
Z15Tf4tmq5SOtEstNcrqzuX50ZVEGF4fXpnH4ucPWyfD2DMlaVsLkhinr9O7gGi2SINn
ic12m31Vv3KT1Lfzvbw9buxpwPiqyPHYqIcQsKS3Q73D8qOnqFjSKVMoY+b60PGTlAGQ
DWdOD15Ycl5bqtdsrTBqSg4Kj/gogMxRryuSW0WDj3mDfTvugMfUh/dNkjoz2NND0k2g
v3xWsL7w4EyNXY0cOXOd3zdQqTnpJop3Qdfs/tSwGbpNOt5S/DuGkjsYuA/dcbGp0oXk
DCRA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=in-reply-to:content-disposition:mime-version:references:message-id
:subject:cc:to:from:date:feedback-id:dkim-signature;
bh=fuutaU2AfYcF+LqNzikzqI6yNvu9sFWd+i0VJcgjO9s=;
fh=0VUb5kXR59FnpR6srSO2TutR3QvdsoYQzVeWlpZIeds=;
b=q2ggYXKLcr3/RW1EZ5gWjj8sO8VYxWJv/HLJ0iHqgP9nSZclKO/YF99BH+ZBpcvx/B
NB/SRs0hOCHlE4IWCK8Je2/Ihk9whFC1RSGZxaEiy8eH1W9cLJZuyn/aoOaXIiyW+ZEI
1EvH9w3MZFL6ZDbScGviSf4JhB69mSJq6eY4fhsbgi/QICxBgqG6S67gKMljuJDlX9s4
9JD+zQY8dGMI5fP7PvDRz9wnUo/LC0DJbMmgCmGcPZVRu60hgTl04LzrSNuF3zg3jpbK
vPew+I6sffSbX1W96S7WJTdnDtqSbS9zZClIcHb4t3aJiIotCAaFaV/kywZUwGIsfsKb
p6qw==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=FgfoCoVl;
spf=pass (google.com: domain of pete@petertodd.org designates 103.168.172.148 as permitted sender) smtp.mailfrom=pete@petertodd.org
Received: from fout5-smtp.messagingengine.com (fout5-smtp.messagingengine.com. [103.168.172.148])
by gmr-mx.google.com with ESMTPS id 006d021491bc7-5d608d911e2si119142eaf.1.2024.07.30.12.38.17
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 30 Jul 2024 12:38:18 -0700 (PDT)
Received-SPF: pass (google.com: domain of pete@petertodd.org designates 103.168.172.148 as permitted sender) client-ip=103.168.172.148;
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
by mailfout.nyi.internal (Postfix) with ESMTP id 78B8813804D2;
Tue, 30 Jul 2024 15:38:17 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
by compute3.internal (MEProxy); Tue, 30 Jul 2024 15:38:17 -0400
X-ME-Sender: <xms:KUGpZgfEKLkO8ooYfh7yOgI4Q_kYXhrPUW2orAO0-Efgjm_rH8gRKQ>
<xme:KUGpZiPd44bmb56Pdkn8jQRBlYxbNtao_LShl5oEhIMwUNGY0e_oht6DZpQyF_4UH
oW4-Xa3DFYUjkaBDoM>
X-ME-Received: <xmr:KUGpZhjyVlWafIyu9QKiz8rRHxZopvGy5wzYmG5A2LcLY8T8jh69RzaQ9d6bGJ-XLcyeJgta5Q68YQDcQyv_AtOeOiDZ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeftddrjeeggddugeduucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
cujfgurhepfffhvfevuffkfhggtggujgesghdtroertddtvdenucfhrhhomheprfgvthgv
rhcuvfhougguuceophgvthgvsehpvghtvghrthhouggurdhorhhgqeenucggtffrrghtth
gvrhhnpedutdffleekiedtfefgteefjefhffeiffevleegtdfhueeffeejveeljeekfefh
ieenucffohhmrghinhepphgvthgvrhhtohguugdrohhrghenucevlhhushhtvghrufhiii
gvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpvghtvgesphgvthgvrhhtohguugdr
ohhrghdpnhgspghrtghpthhtoheptd
X-ME-Proxy: <xmx:KUGpZl8QirY8_js3yAMyq4GJ5aC5UjsVI6RCucrw0kf0CTHCMG52tQ>
<xmx:KUGpZssWVnlcc4QUBowlCLdpNJX6LfVMOm3QenPlBTsCHUJUhncz8A>
<xmx:KUGpZsGyLJDfAmkF7edAEiDL5xM6pMcjTCvpa_W3lpCzBlQ9FGk4Xw>
<xmx:KUGpZrMTKyaUZVaUAkgnKKOtVegFujs4R1YoanU75CmB7NS8mbd5oQ>
<xmx:KUGpZgg5e3NT4RjQkxDfatV2E0YqfloNjm49os75DTxLsUsjMwr4mvfB>
Feedback-ID: i525146e8:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
30 Jul 2024 15:38:17 -0400 (EDT)
Received: by localhost (Postfix, from userid 1000)
id 816F35F83F; Tue, 30 Jul 2024 19:38:17 +0000 (UTC)
Date: Tue, 30 Jul 2024 19:38:17 +0000
From: Peter Todd <pete@petertodd.org>
To: "David A. Harding" <dave@dtrt.org>
Cc: Antoine Riard <antoine.riard@gmail.com>,
Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] A "Free" Relay Attack Taking Advantage of The Lack
of Full-RBF In Core
Message-ID: <ZqlBKVXBKKIurBPk@petertodd.org>
References: <Zpk7EYgmlgPP3Y9D@petertodd.org>
<c6593662694f9d4a4fe999dd432f87ff@dtrt.org>
<99f8b3b5-996e-41a4-bca8-eb1ddcba4ef3n@googlegroups.com>
<4e959cdbe70b1a3b9f1adb37fe3b986e@dtrt.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="n+bJ/YzemJOvNThF"
Content-Disposition: inline
In-Reply-To: <4e959cdbe70b1a3b9f1adb37fe3b986e@dtrt.org>
X-Original-Sender: pete@petertodd.org
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@messagingengine.com header.s=fm3 header.b=FgfoCoVl; spf=pass
(google.com: domain of pete@petertodd.org designates 103.168.172.148 as
permitted sender) smtp.mailfrom=pete@petertodd.org
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)
--n+bJ/YzemJOvNThF
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
On Mon, Jul 29, 2024 at 06:57:17PM -1000, David A. Harding wrote:
> Given the first point and the last point, I'm not sure how viable the
> attack is (but, as I said, I'm not sure I understand it). Estimating or
> manipulating feerates correctly for over 144 blocks in a row sounds
> difficult. Counterparties being able to deprive Mallory of profit seems
> like a major weakness.
It is not.
I've actually *accidentally* exploited this type of pinning vector a few times
in Lighting channels by simply force closing them at times when fee-rates were
high. I've even twice managed to delay the force close of a channel by testing
out justice transactions by broadcasting a low fee-rate, revoked commitment,
which the counterparty node did not notice. Instead, the channel just stayed
in limbo for a few days until the node finally got in a normal force-close
using the non-revoked state after fees reduced. In both cases, both endpoints
were LND using compact block filters (I was running both nodes in these tests).
IIUC the LND compat block filter implementation does not track mempool
transactions, so it only notices revoked commitment transactions when they
appear in blocks (notice how this means that the lack of package relay will
render LND's fee-bumping code potentially useless if the conflicting commitment
transaction is equal or greater fee/fee-rate).
I haven't tried fully exploiting this particular scenario by maximizing the
number of HTLCs in flight; I was just trying out stuff manually. Someone
should.
It should be relatively easy to automate this class type of attack by simply
picking opportunities for it based on fee rates. It's quite common for fee
spikes to cause conditions where you can easily predict that fees won't go
below certain levels for many blocks in the future, multiple days even. Your
claim that "estimating feerates correctly for over 144 blocks in a row sounds
difficult" is very wrong.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/ZqlBKVXBKKIurBPk%40petertodd.org.
--n+bJ/YzemJOvNThF
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0RcYcKRzsEwFZ3N5Lly11TVRLzcFAmapQScACgkQLly11TVR
Lzdb7Q//WaAy9wiYZ7S1OM4miCe8t9ayrLO9IUI8XVYwNOjVINccp/KGVEv7WTqB
HMIRIafesOq3NnwLQU+BBqffCu9f5ZycW/8/YhEBz211KLQ2eFJBFVQQpPMOLZrM
gCCznyJQ/MpCWIZ+J7N7FY5xy8Qypgz1232/aHynFZEyMPZDIbrkJa4loixVklfH
0kY9ypvOwrhMpSZPFViKe6rtfXp/cW2S61jZ9+MkE2NxLzNbbk/4iWhvIIIiru0U
L0pml6E8A1vvUADMCnlC/Y3jjN71X4QtqjwcEylllNxU1fPMtYOl5UA0XvJ85+2J
KdontP7TXqZ/1lWjciOcxetnFugami03ug9B9VgJbLCB3I3mzLeMCT9Ap1Cs8ii7
YjUGcXWxvyWkiJ3EixfUnttyR7Oo++hn2Hd/5+96t3KXt3/bduTZkb/P/OgEiSjd
rBZTBypqJdCGOBBwUYyp3/C9Y8VLDXoHAfQt+XgkuRqGRkH0twy6jimGAL3RKpas
sr2f9UofaoSnew8wWxrocX7x0HOEoaVU5Lx+u9LtTbZHdpXYHcEOLoE3atsmMysr
9ZRbbOdGGFVScbqfSElDIffuke9Kw8s00o7tq6EhtK25M/F0JTrRn4ODy2NuebSt
GKqKgeR17aDnPCnq4i2Nd6ofNO2GZSuMPFU6giIwpOVmHp4v2i8=
=XlnP
-----END PGP SIGNATURE-----
--n+bJ/YzemJOvNThF--
|
