The Bitcoin Lightning network currently has 17,000 active nodes and 79,000 payment channels.
Fake payments, or probes, can provide information about the status of channels on the network.
Because the Bitcoin Lightning Network (LN) has no ledger, its transactions are highly private, which makes it difficult to know the balances of addresses and channels. Now it is possible, using a technique introduced by developers who are aiming for just that.
On GitHub, researcher Sergei Tikhomirov published a proposal to find the information that, by default, is inaccessible in the layer two solution of Bitcoin (BTC).
In the opinion of specialists, as long as the Bitcoin Lightning network is non-permissive and focuses on privacy, using onion routing, “bad actors could abuse it by mounting attacks on reliability (such as interference) or privacy (like polling)”.
As they specify, the “key challenge” for LN to develop is in limiting the negative effects of unwanted network activity, while respecting and preserving the “non-permissive nature of the network.”
The Bitcoin LN Problem
The Bitcoin Lightning network, by definition, is a protocol for fast payments with negligible commissions that, currently, has 17 thousand active nodes and 79 thousand payment channels, through which transactions are executed off the main chain.
Within the network, there is a way in which one person can send bitcoin to another, without having to establish a direct channel. It is a multi-hop route.
To explain it as the researcher did: “A person named Alice offers Bob a coin on the condition that he send one to Charlie. Bob forwards a coin to Charlie, who uses a payment method known only to him to redeem the coin. Bob can use the same method to redeem Alice’s coin. Thus, a coin has effectively moved from Alice to Charlie.”
The key problem in executing a transaction in this way through LN is that when one point sends bitcoins to another, it is not known for sure if there is enough balance in one of the channels to carry out the operation. If there isn’t, the payment fails.
“So Lightning follows the trial and error approach. The sender may have to make several payment attempts until one of them is successful,” explains Tikhomirov.
A way to make the Lightning network less private
With the intention of obtaining that information, they propose the test or attack called “Channel balance survey”, in which fake payments can provide data on transactions on the Lightning network.
In this case, an attacker (or researcher) who wants information about the balances of individual channels [something private] can send fake payments, or “probes”, and see where they fail along the way.
If a probe reaches the final destination, which is the recipient of the payment, it means that all channels along the way have sufficient balances. Otherwise, if the probe fails somewhere along the route, whoever sent the payment finds out that the failing node has no balance.
But there is an obstacle here. A routing node is free to choose any of the parallel channels to forward the probe in question. Therefore, after receiving the error notification from the Lightning network, the attacker does not know which channel it applies to. “As a result, the classical polling algorithm becomes inapplicable,” they conclude.
Enhanced polling with interference
For this reason, they point to the combination of polling and interference, which, as noted above, are related to the privacy and reliability of the Lightning network. The result is interference-enhanced probing, which can provide more information.
To clarify, interference is a type of denial-of-service (DoS) attack on the channels of the Bitcoin Lightning network. In this case, the attacker sends a payment to himself and purposely delays the completion of the operation. As a result of this action, funds along the route are left in limbo and are no longer available for other payments.
According to the researchers, by combining interference and probing, dimensionality problems can be eliminated, as the attacker “can lock all channels in a multichannel hop except one, and then probe the remaining channel.”
“In other words, while the attacker cannot influence how a routing node chooses a channel to forward a probe, it is possible to narrow down the set of appropriate channels the node chooses from,” they say.
For the specialists, the method that combines probing with interference is able to provide more information about balances and, in addition, the selection allows more adequate and faster probing.
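The difference between plain probing and interference-enhanced probing shows up in a small offline simulation, added here as an illustration and not taken from Tikhomirov's proposal. The `Hop` class, the bisection over probe amounts, the balance values and the modelling of interference as "a whole channel becomes unavailable" are all assumptions of this example.

```python
# Toy model with constructed values; nothing here touches a real network.

class Hop:
    """One hop between two nodes that share several parallel channels."""

    def __init__(self, balances):
        self.balances = list(balances)  # private forwardable amount per channel
        self.locked = set()             # channels tied up by an unresolved payment

    def forward(self, amount):
        # The routing node may pick ANY available parallel channel.
        # The sender only ever learns "forwarded" or "failed".
        return any(b >= amount
                   for i, b in enumerate(self.balances)
                   if i not in self.locked)


def probe_bound(hop, capacity):
    """Bisect probe amounts: largest amount the hop still forwards."""
    lo, hi = 0, capacity
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if hop.forward(mid):
            lo = mid        # probe passed: some channel holds at least mid
        else:
            hi = mid - 1    # probe failed: no available channel holds mid
    return lo


def probe_each(hop, capacity):
    """Interference-enhanced probing: lock all channels but one, then probe."""
    estimates = []
    for i in range(len(hop.balances)):
        hop.locked = set(range(len(hop.balances))) - {i}
        estimates.append(probe_bound(hop, capacity))
    hop.locked = set()      # the held payments resolve, funds are released
    return estimates


if __name__ == "__main__":
    hop = Hop([300_000, 120_000, 750_000])
    print("plain probing sees only:", probe_bound(hop, 1_000_000))
    print("with interference:      ", probe_each(hop, 1_000_000))
```

Plain probing returns a single number, the largest balance among the parallel channels, and says nothing about which channel holds it; once the other channels are unavailable, each private balance is recovered exactly.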
Are these attacks useful?
While it is true that these tests violate the network and obtain information that was believed unreachable, they serve so that users and others related to Bitcoin know that LN is not a totally private network.
In addition, the tests generate greater confidence in the use of the network, especially for authorities and governments. Using these methods, as noted, it is now more feasible to track payments made on the Lightning network. This is important at the security level.
Thus, any operation related to theft and other crimes, such as money laundering or terrorist financing [typically used to reject Bitcoin], can now be detected.