Researchers Describe Bitcoin Attack That Could Halt Lightning Payments

A recently published research paper called “Hijacking Routes in Payment Networks” shows that the bitcoin lightning network might be open to simple disruptive attacks.

The paper that was published in September is the work of Stefan Schmid, Saar Tochner and Aviv Zohar and explains how a denial-of-service (DoS) attack can be used to slow down and eventually stop a massive amount of payments on the network. 

This method is seen as a major flaw in the network despite the fact that it has not been tested in real conditions and that the lightning technology is still in development.

Schmid works in the University of Vienna while Tochner and Zohar both come from the Hebrew University of Jerusalem.

As Zohar noted:

“The attack allows for a disruption of payments on the lightning network.”

Their explanation for this probability lays on the fact that every lightning network payment is moving crosswise the network of nodes until it reaches its destination and if some of the middle nodes are bad actors they can slow down the payment drastically.

According to Zohar, this is rather easy:

“It is extremely easy to execute. It takes opening a few lightning channels to key points, promising zero fees, and then not relaying any payments.”

Although this attack hasn’t been seen in the wild (thankfully) it has already caught the attention of software developers, working on bitcoin and especially lightning.

Bitcoin researcher Gleb Naumenko exclaimed: “I wish I had thought of the attack,” while Fabrice Drouin, lightning startup Acinq CTO shared his content:

“The paper is very interesting, so is the analysis of the different heuristics used for path-finding, and we’re very happy to see independent researchers work on how lightning can be abused and attacked.”

Not just a simple DoS attack?

When a payment is sent through lightning, the app decides which exact route should be taken based on a multitude of factors. As one of the factors is which node demands the lowest fees, a bad actor can make his chances of being chosen substantially bigger.

According to Drouin this can be accomplished by:

“Analyzing how each implementation computes routes to design a strategy that enables attackers to get their nodes selected in as many routes as possible.”

Zohar explained furthermore:

“We can open channels that offer short and low-cost routes in the network which then are selected (almost always) for the route.”

As the paper reads:

“We find that just five new links are enough to draw the majority (65% – 75%) of the traffic regardless of the implementation being used.” 

Not only they can pick up the bigger portion of payments but furthermore, can do it over and over again:

“Then, when a payment request comes in, we can just refuse to pass it onward. When a new path is selected […] the attacker channels are again selected for the route.”

When it comes to the probability of the method being used, Zohar explained:

“I think the network is just not in heavy use right now and disrupting it does not cause too much damage. The attack does not directly give funds to the attacker, so the incentive will only be there if lightning is heavily used as a payment network.”

As Drouin noted, such an attack would not be cheap to be performed since:

“Attackers need to open actual channels and lock funds, which will get closed and pay on-chain fees whenever a payment is locked and times out.”

On this matter Zohar has a different opinion than his colleague:

“You’d need around 20 or so new channels to attack some 80% of all transactions, so the total cost would be around $2000.”

How to stop an attack?

Even though this type of attack is quite serious, lightning developers believe that future improvement will make it almost impossible to perform.

As the infrastructure lead at Lightning Labs, Alex Bosworth commented:

“It’s something [that’s] hard to talk about because we are still developing the path finding system in LND and it’s a moving target.”

If not aware LND is Lightning Labs’ implementation of the lightning network. Bosworth promised that “major changes” that impact exactly the routing that is analyzed in the paper are soon to come.

Still, he didn’t play it too safe:

“I wouldn’t say that there is any way to conclusively stop people who are trying to disrupt payments because this is a system where the peer-to-peer design means that anyone can participate and route or not route as they prefer.”

Lightning is still developing

We should not forget that lightning is still changing and very fast too. Some of the changes in the backlog would make it a lot more complex for bad actors to carry out an attack.

As for the future of lightning, Drouin noted:

“Also, as the network grows, lightning network implementations will deploy more aggressive heuristics to ban misbehaving peers … and such attacks will become more an more short-lived.”

…and continued:

“For example, we don’t just look at the cheapest fees when we compute routes, we try to select older channels, so an attacker would have to wait and behave before they can carry out the attack.”

One of the more anticipated features are the upcoming trampoline payments, an aspect suggested by Blockstream lightning engineer Christian Decker.

According to him, as ‘transporting’ the payment in between points still requires some computation while carrying the data this will be a huge improvement.

As not all actors have equipment that could handle such an amount of calculations – the ‘trampoline’ system would solve this problem. 

For example, a modern user might send a payment via smartphone, which we hope you’ll agree is not the most powerful device no matter how new it is.

With the trampoline system the sender would actually ‘outsource’ his/her computation needs.