Delivery-date: Fri, 11 Oct 2024 08:23:54 -0700 Received: from mail-yb1-f188.google.com ([209.85.219.188]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1szHUf-0002fQ-IE for bitcoindev@gnusha.org; Fri, 11 Oct 2024 08:23:54 -0700 Received: by mail-yb1-f188.google.com with SMTP id 3f1490d57ef6-e291c7a3c45sf788607276.0 for ; Fri, 11 Oct 2024 08:23:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1728660227; x=1729265027; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:sender:from :to:cc:subject:date:message-id:reply-to; bh=F3SmpQTqN/DT5ws7+njDs/CalZSzBJ+iQXsmXO4tZxQ=; b=J5qi0HkbJkDu3UHKuTY/VZ25Bw29xc8N5ZK7uH8TQIVFUc0LgTdgR9qKPkP7u486cK hsty0t78mKqziKXH52epXfvjObeXIKFqBWBQYvj8cqU56mFutzCaSi5hYYVX2+EWcJdc ETmPOZBK/wh2r8b98ctsmQIbfcWQ2y2YY/Ajbd7PG+rWyYlI5LD0OyVxpCrvArQ2Ep8O nGaussNrBt6c0N02zR1QvT/A22uNEEZ3jwmS3aiJrgOFdf2Et+I7Vm2yptn2YmKCtPd0 p+nkPGX1sANi/8gPNTQ/lnzd2utffr+gg8vGTa1ec3oidR7V5w7WvFkyygX3ohMHaqLe 9FSA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728660227; x=1729265027; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=F3SmpQTqN/DT5ws7+njDs/CalZSzBJ+iQXsmXO4tZxQ=; b=Dn3OCfv8ROIO8EbbSVe3m3DOjyBUkcSXaWYsKs6zvVzTwAtwY5ggK57n/MaVy670tO AFHJw4D9/Cyka9rMW1Yvvk6nmkl7t4nMAbioNNp/l5kWPCOu9xxfiRN/5mRgcWnhGX7w xJFDOqC3vbZpY956xY2FNp+WkAWhnX6JIua+aRbV2crP2v+r8ctwTz9SEjMPq6OZ2Xl9 rIcyJsKvSeFbba+NVJnmHbhYxHbgfZ8XJe1IxCqROpwh5feXrycvX5HJp5o8kT6ybooL NaU8Oeuffz4toblIi4Rh0kAAm9ifPOTOeBhhcebJuk2YdMjzQ/2uqiCiOac/iVMmtKFM 1weg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728660227; x=1729265027; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:x-beenthere :x-gm-message-state:sender:from:to:cc:subject:date:message-id :reply-to; bh=F3SmpQTqN/DT5ws7+njDs/CalZSzBJ+iQXsmXO4tZxQ=; b=Br8CNhtWXZ6Czir/B4vUnlZlYdwxNm54Sj/AU4x62hXhS4q05u9haJWMyV9pULgdE1 obdtkRTzYUH6BmPnLOXx/kaGJ9YwhR2OPHoO9bJII7Ij92TJ/+sXsysRBm3cJJfnpiYx 9MranpWNsg8Ao2k4jPeS1ENQ19E/6vEwQGXRRwcjE8mb8r5xpVn1TxRrSYukmkqUP1rL OyRRTtaElRFl+kWI9T9yU2m1uVaX+UgcImLeZ0gyJjT17T917EMFJgpJFG8hqHwnWgu1 VnxYYGCkB6ivSITuLKYM/qoA3HdoqdzIjEAQ5xLXwste2Of/35/P0VYRwB0OQie6ysep ItWg== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=1; AJvYcCVQ19vF8yrAoS7UMwB4rOM4ruOILE6BTrI5z747hsPgPNfTxS9cWbO5yMwI/L9s3Su0wAnkEbYUjY4s@gnusha.org X-Gm-Message-State: AOJu0Yxd7H3L8zx37LROBQJFCw9lBoiiIGSQdD3tIP4e9p5vr+kgI9NI tcPpJcQS//aN/3nGDcyjHlOHOQHDvbcOzl7iypMRF0xeieM4/FEX X-Google-Smtp-Source: AGHT+IH3fuTbrKZDN7yhs097SrRLd86ec6boMhuZsRTtmRwLuDRiXrI6+b8SxCRr4nfB/aKEkMN4ow== X-Received: by 2002:a05:6902:cc4:b0:e28:fc3e:26a3 with SMTP id 3f1490d57ef6-e291831ec84mr2187586276.4.1728660227283; Fri, 11 Oct 2024 08:23:47 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com Received: by 2002:a05:6902:188e:b0:e25:d03f:aac5 with SMTP id 3f1490d57ef6-e290bb62836ls801510276.1.-pod-prod-01-us; Fri, 11 Oct 2024 08:23:45 -0700 (PDT) X-Received: by 2002:a05:690c:d85:b0:64a:f237:e0b0 with SMTP id 00721157ae682-6e3477b9fedmr26712207b3.5.1728660225094; Fri, 11 Oct 2024 08:23:45 -0700 (PDT) Received: by 2002:a05:690c:46c9:b0:6d6:77c4:ed15 with SMTP id 00721157ae682-6e31f00567dms7b3; Fri, 11 Oct 2024 08:01:54 -0700 (PDT) X-Received: by 2002:a05:690c:7790:b0:6e3:220e:90dd with SMTP id 00721157ae682-6e347b2f5e5mr18381087b3.35.1728658912373; Fri, 11 Oct 2024 08:01:52 -0700 (PDT) Date: Fri, 11 Oct 2024 08:01:52 -0700 (PDT) From: waxwing/ AdamISZ To: Bitcoin Development Mailing List Message-Id: <9682d905-886c-4deb-924c-6461f4b67537n@googlegroups.com> In-Reply-To: <51ac4b01-f2d3-4932-9d00-1c9be0875f96n@googlegroups.com> References: <51ac4b01-f2d3-4932-9d00-1c9be0875f96n@googlegroups.com> Subject: Re: [bitcoindev] Demonstrating Pinning Attacks under Real-World Conditions MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_3964_1363283815.1728658912116" X-Original-Sender: ekaggata@gmail.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.4 (/) ------=_Part_3964_1363283815.1728658912116 Content-Type: multipart/alternative; boundary="----=_Part_3965_830052607.1728658912116" ------=_Part_3965_830052607.1728658912116 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Antoine, Perhaps it would be an idea to write a gist or some other public facing=20 page with what you need from volunteers, so it's kind of step by step? Unlike Peter in this thread, I think most people would want/have to set up= =20 new nodes to do this. You have said: Current and default installs of Core/btcd + lnd/cln/ldk . I= =20 know that e.g. Core has some pretty non-trivial choices but I guess we can= =20 stick religiously to whatever is default. But other details like: amount in channels - does it matter? How many channels? Channels of specific types (thinking e.g. unannounced) Should volunteers have channels with each other? is there any aspect of=20 topology you require? Network connectivity - I guess it's not important, but just in case worth= =20 mentioning, e.g. should/should not use Tor etc. Forgive me if some of the questions are ignorant, I have not paid a ton of= =20 attention to the discussion around these attacks. waxwing/AdamISZ On Thursday, October 10, 2024 at 6:29:02=E2=80=AFPM UTC-6 Antoine Riard wro= te: > Hi all, > > > If you have an on-chain donation address on the OTS website (?), I'll= =20 > make a > > $100 donation now, it's a nice tool. And for the justice=20 > transaction...well > > for some scenarios you can use the latest valid commitment state to pin= =20 > no risk > > of being slashed by a justice transaction. > > Been late on demonstrating a real-world pinning attack against a=20 > production lightning > node. But I swear it's real sport having to jungle with more than one=20 > category of > exploit to soundly test. > > OTS is a great project. I'll make a donation to it of 1 gram of gold or= =20 > the equivalent > in fiats or satoshis at settlement (as $100 sounds to be almost equal to = 1=20 > gram of gold, > i.e $84.66 those days) for each month late on doing a demonstrationg of= =20 > real-world pinning > attack, as a lateness penalty. > > Beyond it's a great tool to make notarization of any kind of digital info= ,=20 > inside the > chain where for every block there are probably two-digit terawatt hours= =20 > burnt, which > starts to be a f*cking lot of hydro power plants. > > More generally, I called since late 2020 at least for making real-world= =20 > demonstration > of pinning attacks against lightning nodes, among others types of=20 > cross-layers attacks, > At the exception of 2 ligthning protocol devs if my memory is correct, al= l=20 > the others > ones since then have shunned away from participating in a real-world demo= ,=20 > and Peter > Todd was the first one to consent and make available a lightning node=20 > available for > real-world demos in a "black box" fashion (indeed, it's far easier to=20 > execute exploits > on testing envs fully set by the researcher...). > > In the future, I believe it can only be great if bitcoin security exploit= s=20 > are gauged > more or less on the lines of artifacts available, evaluated and=20 > reproduced, as done=20 > usually by major infosec confs. > > Best, > Antoine > ots hash: 9d227f7832154c4c8bce9fce260ac84537489c1bc8c4b8c2ba990ceb197c84f= c > Le mardi 3 septembre 2024 =C3=A0 21:13:46 UTC+1, Antoine Riard a =C3=A9cr= it : > >> > That also happens to be my Alice OpenTimestamps calendar, in=20 >> production, so >> > please don't do anything you expect to be CPU or RAM intensive. But if= =20 >> you >> > accidentally take down the server, not the end of the world: OTS is a= =20 >> very >> > redundant protocol and one calendar going down for a few hours is=20 >> unlikely to >> > do any harm. >> >=20 >> > It has about $400 of outgoing capacity at the moment, and $2000=20 >> inbound. It >> > gets hardly any donations at the moment, so if you manage to knock LND= =20 >> offline >> > that's no big deal. >> >=20 >> > That's not my money - it's donations to the OTS calendars that I have= =20 >> no right >> > to spend - so I'll ask you to pay for any expenses incurred by it duri= ng >> > testing, and make a $100 net donation when you're done testing to make= =20 >> it >> > worthwhile for the OTS community. If you manage to lose more than that= =20 >> on >> > justice transactions, I'll consider that a donation. :) >> >> Many thanks Peter for that. >> >> No worries, I won't play with CPU or RAM, it's just all the=20 >> transaction-relay >> and mempool logic that one can interfere with. I'll make you whole of th= e=20 >> $2400 >> if the LND node goes down too hard, though I'm just looking for a node= =20 >> running >> on mainnet, for a pinning the attacker has two open to channels and=20 >> re-balance >> the liquidity at its advantage a bit. I'll provide the liquidity by=20 >> myself. >> >> If you have an on-chain donation address on the OTS website (?), I'll=20 >> make a >> $100 donation now, it's a nice tool. And for the justice=20 >> transaction...well >> for some scenarios you can use the latest valid commitment state to pin= =20 >> no risk >> of being slashed by a justice transaction. >> >> Best, >> Antoine >> ots hash: 19d9b61ed5238e2922205a0a0194e0830b260a691f45b4189b1d145f72c9e0= 31 >> >> Le mar. 3 sept. 2024 =C3=A0 13:58, Peter Todd a = =C3=A9crit : >> >>> On Tue, Aug 27, 2024 at 02:10:15PM -0700, Antoine Riard wrote: >>> > My utmost pleasure to demonstrate some pinning attacks on nodes under= =20 >>> > real-world conditions. >>> >>> Antoine Riard: until Oct 1st, you have permission to test your attacks= =20 >>> against >>> my Lightning node running at: >>> >>> 023345274dd80a01c0e80ec4892818878...@alice.opentimestamps.org:9735= =20 >>> >>> >>> That also happens to be my Alice OpenTimestamps calendar, in production= ,=20 >>> so >>> please don't do anything you expect to be CPU or RAM intensive. But if= =20 >>> you >>> accidentally take down the server, not the end of the world: OTS is a= =20 >>> very >>> redundant protocol and one calendar going down for a few hours is=20 >>> unlikely to >>> do any harm. >>> >>> It has about $400 of outgoing capacity at the moment, and $2000 inbound= .=20 >>> It >>> gets hardly any donations at the moment, so if you manage to knock LND= =20 >>> offline >>> that's no big deal. >>> >>> That's not my money - it's donations to the OTS calendars that I have n= o=20 >>> right >>> to spend - so I'll ask you to pay for any expenses incurred by it durin= g >>> testing, and make a $100 net donation when you're done testing to make = it >>> worthwhile for the OTS community. If you manage to lose more than that = on >>> justice transactions, I'll consider that a donation. :) >>> >>> --=20 >>> https://petertodd.org 'peter'[:-1]@petertodd.org >>> >> --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/= bitcoindev/9682d905-886c-4deb-924c-6461f4b67537n%40googlegroups.com. ------=_Part_3965_830052607.1728658912116 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Antoine,

Perhaps it would be an idea to wri= te a gist or some other public facing page with what you need from voluntee= rs, so it's kind of step by step?
Unlike Peter in this thread, I = think most people would want/have to set up new nodes to do this.

You have said: Current and default installs of Core= /btcd + lnd/cln/ldk . I know that e.g. Core has some pretty non-trivial cho= ices but I guess we can stick religiously to whatever is default.

But other details like:
amount in channel= s - does it matter?
How many channels? Channels of specific types= (thinking e.g. unannounced)
Should volunteers have channels with= each other? is there any aspect of topology you require?
Network= connectivity - I guess it's not important, but just in case worth mentioni= ng, e.g. should/should not use Tor etc.

Forgive = me if some of the questions are ignorant, I have not paid a ton of attentio= n to the discussion around these attacks.

waxwi= ng/AdamISZ
On Thursday, October 10, 2024 at 6:29:02=E2=80=AFPM UTC-6 Antoine Ri= ard wrote:
Hi= all,

> If you have an on-chain donation address on the OTS websi= te (?), I'll make a
> $100 donation now, it's a nice tool. An= d for the justice transaction...well
> for some scenarios you can use= the latest valid commitment state to pin no risk
> of being slashed = by a justice transaction.

Been late on demonstrating a real-world pi= nning attack against a production lightning
node. But I swear it's r= eal sport having to jungle with more than one category of
exploit to sou= ndly test.

OTS is a great project. I'll make a donation to it of= 1 gram of gold or the equivalent
in fiats or satoshis at settlement (as= $100 sounds to be almost equal to 1 gram of gold,
i.e $84.66 those days= ) for each month late on doing a demonstrationg of real-world pinning
at= tack, as a lateness penalty.

Beyond it's a great tool to make no= tarization of any kind of digital info, inside the
chain where for every= block there are probably two-digit terawatt hours burnt, which
starts t= o be a f*cking lot of hydro power plants.

More generally, I called s= ince late 2020 at least for making real-world demonstration
of pinning a= ttacks against lightning nodes, among others types of cross-layers attacks,=
At the exception of 2 ligthning protocol devs if my memory is correct, = all the others
ones since then have shunned away from participating in a= real-world demo, and Peter
Todd was the first one to consent and make a= vailable a lightning node available for
real-world demos in a "blac= k box" fashion (indeed, it's far easier to execute exploits
on = testing envs fully set by the researcher...).

In the future, I belie= ve it can only be great if bitcoin security exploits are gauged
more or = less on the lines of artifacts available, evaluated and reproduced, as done=
usually by major infosec confs.

Best,
Antoine
ots hash: 9= d227f7832154c4c8bce9fce260ac84537489c1bc8c4b8c2ba990ceb197c84fc
Le mardi 3 septem= bre 2024 =C3=A0 21:13:46 UTC+1, Antoine Riard a =C3=A9crit=C2=A0:
=
> That also= happens to be my Alice OpenTimestamps calendar, in production, so
> = please don't do anything you expect to be CPU or RAM intensive. But if = you
> accidentally take down the server, not the end of the world: OT= S is a very
> redundant protocol and one calendar going down for a fe= w hours is unlikely to
> do any harm.
>
> It has about $= 400 of outgoing capacity at the moment, and $2000 inbound. It
> gets = hardly any donations at the moment, so if you manage to knock LND offline> that's no big deal.
>
> That's not my money - i= t's donations to the OTS calendars that I have no right
> to spen= d - so I'll ask you to pay for any expenses incurred by it during
&g= t; testing, and make a $100 net donation when you're done testing to ma= ke it
> worthwhile for the OTS community. If you manage to lose more = than that on
> justice transactions, I'll consider that a donatio= n. :)

Many thanks Peter for that.

No w= orries, I won't play with CPU or RAM, it's just all the transaction= -relay
and mempool logic that one can interfere with. I'll make you = whole of the $2400
if the LND node goes down too hard, though I'm ju= st looking for a node running
on mainnet, for a pinning the attacker has= two open to channels and re-balance
the liquidity at its advantage a bi= t. I'll provide the liquidity by myself.

If you have an on-chain= donation address on the OTS website (?), I'll make a
$100 donation = now, it's a nice tool. And for the justice transaction...well
for so= me scenarios you can use the latest valid commitment state to pin no riskof being slashed by a justice transaction.

Best,
Antoine
ots= hash: 19d9b61ed5238e2922205a0a0194e0830b260a691f45b4189b1d145f72c9e031
=

= Le=C2=A0mar. 3 sept. 2024 =C3=A0=C2=A013:58, Peter Todd <pe...@petertodd.org> a =C3=A9crit=C2=A0:
On Tue, Aug 27, 2024 at 02:10:15PM -0700, Antoine Riard wrote:
> My utmost pleasure to demonstrate some pinning attacks on nodes under =
> real-world conditions.

Antoine Riard: until Oct 1st, you have permission to test your attacks agai= nst
my Lightning node running at:

=C2=A0 =C2=A0 023345274dd80a0= 1c0e80ec4892818878...@alice.opentimestamps.org:9735

That also happens to be my Alice OpenTimestamps calendar, in production, so=
please don't do anything you expect to be CPU or RAM intensive. But if = you
accidentally take down the server, not the end of the world: OTS is a very<= br> redundant protocol and one calendar going down for a few hours is unlikely = to
do any harm.

It has about $400 of outgoing capacity at the moment, and $2000 inbound. It=
gets hardly any donations at the moment, so if you manage to knock LND offl= ine
that's no big deal.

That's not my money - it's donations to the OTS calendars that I ha= ve no right
to spend - so I'll ask you to pay for any expenses incurred by it durin= g
testing, and make a $100 net donation when you're done testing to make = it
worthwhile for the OTS community. If you manage to lose more than that on justice transactions, I'll consider that a donation. :)

--
https://petertodd.org 'peter'[:-1= ]@petertodd.org

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg= id/bitcoindev/9682d905-886c-4deb-924c-6461f4b67537n%40googlegroups.com.=
------=_Part_3965_830052607.1728658912116-- ------=_Part_3964_1363283815.1728658912116--