Delivery-date: Fri, 11 Oct 2024 08:23:54 -0700
Sender: bitcoindev@googlegroups.com
Date: Fri, 11 Oct 2024 08:01:52 -0700 (PDT)
From: waxwing/ AdamISZ <ekaggata@gmail.com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Message-Id: <9682d905-886c-4deb-924c-6461f4b67537n@googlegroups.com>
In-Reply-To: <51ac4b01-f2d3-4932-9d00-1c9be0875f96n@googlegroups.com>
References: <a647a2e2-2742-4b0e-ae84-6f84b018136fn@googlegroups.com>
 <ZtcIDJkfQp7uh+Kj@petertodd.org>
 <CALZpt+EM1ysYErpGneuP_d+MjhQcaG7d2_EtRm2WYGFfLYuBsA@mail.gmail.com>
 <51ac4b01-f2d3-4932-9d00-1c9be0875f96n@googlegroups.com>
Subject: Re: [bitcoindev] Demonstrating Pinning Attacks under Real-World Conditions
MIME-Version: 1.0
Content-Type: multipart/mixed; 
	boundary="----=_Part_3964_1363283815.1728658912116"
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com

------=_Part_3964_1363283815.1728658912116
Content-Type: multipart/alternative; 
	boundary="----=_Part_3965_830052607.1728658912116"

------=_Part_3965_830052607.1728658912116
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Antoine,

Perhaps it would be an idea to write a gist or some other public facing=20
page with what you need from volunteers, so it's kind of step by step?
Unlike Peter in this thread, I think most people would want/have to set up=
=20
new nodes to do this.

You have said: Current and default installs of Core/btcd + lnd/cln/ldk . I=
=20
know that e.g. Core has some pretty non-trivial choices but I guess we can=
=20
stick religiously to whatever is default.

But other details like:
amount in channels - does it matter?
How many channels? Channels of specific types (thinking e.g. unannounced)
Should volunteers have channels with each other? is there any aspect of=20
topology you require?
Network connectivity - I guess it's not important, but just in case worth=
=20
mentioning, e.g. should/should not use Tor etc.

Forgive me if some of the questions are ignorant, I have not paid a ton of=
=20
attention to the discussion around these attacks.

waxwing/AdamISZ
On Thursday, October 10, 2024 at 6:29:02=E2=80=AFPM UTC-6 Antoine Riard wro=
te:

> Hi all,
>
> > If you have an on-chain donation address on the OTS website (?), I'll=
=20
> make a
> > $100 donation now, it's a nice tool. And for the justice=20
> transaction...well
> > for some scenarios you can use the latest valid commitment state to pin=
=20
> no risk
> > of being slashed by a justice transaction.
>
> Been late on demonstrating a real-world pinning attack against a=20
> production lightning
> node. But I swear it's real sport having to jungle with more than one=20
> category of
> exploit to soundly test.
>
> OTS is a great project. I'll make a donation to it of 1 gram of gold or=
=20
> the equivalent
> in fiats or satoshis at settlement (as $100 sounds to be almost equal to =
1=20
> gram of gold,
> i.e $84.66 those days) for each month late on doing a demonstrationg of=
=20
> real-world pinning
> attack, as a lateness penalty.
>
> Beyond it's a great tool to make notarization of any kind of digital info=
,=20
> inside the
> chain where for every block there are probably two-digit terawatt hours=
=20
> burnt, which
> starts to be a f*cking lot of hydro power plants.
>
> More generally, I called since late 2020 at least for making real-world=
=20
> demonstration
> of pinning attacks against lightning nodes, among others types of=20
> cross-layers attacks,
> At the exception of 2 ligthning protocol devs if my memory is correct, al=
l=20
> the others
> ones since then have shunned away from participating in a real-world demo=
,=20
> and Peter
> Todd was the first one to consent and make available a lightning node=20
> available for
> real-world demos in a "black box" fashion (indeed, it's far easier to=20
> execute exploits
> on testing envs fully set by the researcher...).
>
> In the future, I believe it can only be great if bitcoin security exploit=
s=20
> are gauged
> more or less on the lines of artifacts available, evaluated and=20
> reproduced, as done=20
> usually by major infosec confs.
>
> Best,
> Antoine
> ots hash: 9d227f7832154c4c8bce9fce260ac84537489c1bc8c4b8c2ba990ceb197c84f=
c
> Le mardi 3 septembre 2024 =C3=A0 21:13:46 UTC+1, Antoine Riard a =C3=A9cr=
it :
>
>> > That also happens to be my Alice OpenTimestamps calendar, in=20
>> production, so
>> > please don't do anything you expect to be CPU or RAM intensive. But if=
=20
>> you
>> > accidentally take down the server, not the end of the world: OTS is a=
=20
>> very
>> > redundant protocol and one calendar going down for a few hours is=20
>> unlikely to
>> > do any harm.
>> >=20
>> > It has about $400 of outgoing capacity at the moment, and $2000=20
>> inbound. It
>> > gets hardly any donations at the moment, so if you manage to knock LND=
=20
>> offline
>> > that's no big deal.
>> >=20
>> > That's not my money - it's donations to the OTS calendars that I have=
=20
>> no right
>> > to spend - so I'll ask you to pay for any expenses incurred by it duri=
ng
>> > testing, and make a $100 net donation when you're done testing to make=
=20
>> it
>> > worthwhile for the OTS community. If you manage to lose more than that=
=20
>> on
>> > justice transactions, I'll consider that a donation. :)
>>
>> Many thanks Peter for that.
>>
>> No worries, I won't play with CPU or RAM, it's just all the=20
>> transaction-relay
>> and mempool logic that one can interfere with. I'll make you whole of th=
e=20
>> $2400
>> if the LND node goes down too hard, though I'm just looking for a node=
=20
>> running
>> on mainnet, for a pinning the attacker has two open to channels and=20
>> re-balance
>> the liquidity at its advantage a bit. I'll provide the liquidity by=20
>> myself.
>>
>> If you have an on-chain donation address on the OTS website (?), I'll=20
>> make a
>> $100 donation now, it's a nice tool. And for the justice=20
>> transaction...well
>> for some scenarios you can use the latest valid commitment state to pin=
=20
>> no risk
>> of being slashed by a justice transaction.
>>
>> Best,
>> Antoine
>> ots hash: 19d9b61ed5238e2922205a0a0194e0830b260a691f45b4189b1d145f72c9e0=
31
>>
>> Le mar. 3 sept. 2024 =C3=A0 13:58, Peter Todd <pe...@petertodd.org> a =
=C3=A9crit :
>>
>>> On Tue, Aug 27, 2024 at 02:10:15PM -0700, Antoine Riard wrote:
>>> > My utmost pleasure to demonstrate some pinning attacks on nodes under=
=20
>>> > real-world conditions.
>>>
>>> Antoine Riard: until Oct 1st, you have permission to test your attacks=
=20
>>> against
>>> my Lightning node running at:
>>>
>>>     023345274dd80a01c0e80ec4892818878...@alice.opentimestamps.org:9735=
=20
>>> <http://023345274dd80a01c0e80ec48928188783f9bc5281be8f5057c050492f10711=
a5b@alice.opentimestamps.org:9735>
>>>
>>> That also happens to be my Alice OpenTimestamps calendar, in production=
,=20
>>> so
>>> please don't do anything you expect to be CPU or RAM intensive. But if=
=20
>>> you
>>> accidentally take down the server, not the end of the world: OTS is a=
=20
>>> very
>>> redundant protocol and one calendar going down for a few hours is=20
>>> unlikely to
>>> do any harm.
>>>
>>> It has about $400 of outgoing capacity at the moment, and $2000 inbound=
.=20
>>> It
>>> gets hardly any donations at the moment, so if you manage to knock LND=
=20
>>> offline
>>> that's no big deal.
>>>
>>> That's not my money - it's donations to the OTS calendars that I have n=
o=20
>>> right
>>> to spend - so I'll ask you to pay for any expenses incurred by it durin=
g
>>> testing, and make a $100 net donation when you're done testing to make =
it
>>> worthwhile for the OTS community. If you manage to lose more than that =
on
>>> justice transactions, I'll consider that a donation. :)
>>>
>>> --=20
>>> https://petertodd.org 'peter'[:-1]@petertodd.org
>>>
>>

--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/=
bitcoindev/9682d905-886c-4deb-924c-6461f4b67537n%40googlegroups.com.

------=_Part_3965_830052607.1728658912116
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div>Antoine,</div><div><br /></div><div>Perhaps it would be an idea to wri=
te a gist or some other public facing page with what you need from voluntee=
rs, so it's kind of step by step?</div><div>Unlike Peter in this thread, I =
think most people would want/have to set up new nodes to do this.<br /></di=
v><div><br /></div><div>You have said: Current and default installs of Core=
/btcd + lnd/cln/ldk . I know that e.g. Core has some pretty non-trivial cho=
ices but I guess we can stick religiously to whatever is default.<br /></di=
v><div><br /></div><div>But other details like:</div><div>amount in channel=
s - does it matter?</div><div>How many channels? Channels of specific types=
 (thinking e.g. unannounced)</div><div>Should volunteers have channels with=
 each other? is there any aspect of topology you require?</div><div>Network=
 connectivity - I guess it's not important, but just in case worth mentioni=
ng, e.g. should/should not use Tor etc.</div><div><br /></div><div>Forgive =
me if some of the questions are ignorant, I have not paid a ton of attentio=
n to the discussion around these attacks.<br /></div><div><br /></div>waxwi=
ng/AdamISZ<br /><div class=3D"gmail_quote"><div dir=3D"auto" class=3D"gmail=
_attr">On Thursday, October 10, 2024 at 6:29:02=E2=80=AFPM UTC-6 Antoine Ri=
ard wrote:<br/></div><blockquote class=3D"gmail_quote" style=3D"margin: 0 0=
 0 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Hi=
 all,<br><br>&gt; If you have an on-chain donation address on the OTS websi=
te (?), I&#39;ll make a<br>&gt; $100 donation now, it&#39;s a nice tool. An=
d for the justice transaction...well<br>&gt; for some scenarios you can use=
 the latest valid commitment state to pin no risk<br>&gt; of being slashed =
by a justice transaction.<br><br>Been late on demonstrating a real-world pi=
nning attack against a production lightning<br>node. But I swear it&#39;s r=
eal sport having to jungle with more than one category of<br>exploit to sou=
ndly test.<br><br>OTS is a great project. I&#39;ll make a donation to it of=
 1 gram of gold or the equivalent<br>in fiats or satoshis at settlement (as=
 $100 sounds to be almost equal to 1 gram of gold,<br>i.e $84.66 those days=
) for each month late on doing a demonstrationg of real-world pinning<br>at=
tack, as a lateness penalty.<br><br>Beyond it&#39;s a great tool to make no=
tarization of any kind of digital info, inside the<br>chain where for every=
 block there are probably two-digit terawatt hours burnt, which<br>starts t=
o be a f*cking lot of hydro power plants.<br><br>More generally, I called s=
ince late 2020 at least for making real-world demonstration<br>of pinning a=
ttacks against lightning nodes, among others types of cross-layers attacks,=
<br>At the exception of 2 ligthning protocol devs if my memory is correct, =
all the others<br>ones since then have shunned away from participating in a=
 real-world demo, and Peter<br>Todd was the first one to consent and make a=
vailable a lightning node available for<br>real-world demos in a &quot;blac=
k box&quot; fashion (indeed, it&#39;s far easier to execute exploits<br>on =
testing envs fully set by the researcher...).<br><br>In the future, I belie=
ve it can only be great if bitcoin security exploits are gauged<br>more or =
less on the lines of artifacts available, evaluated and reproduced, as done=
 <br>usually by major infosec confs.<br><br>Best,<br>Antoine<br>ots hash: 9=
d227f7832154c4c8bce9fce260ac84537489c1bc8c4b8c2ba990ceb197c84fc<br><div cla=
ss=3D"gmail_quote"><div dir=3D"auto" class=3D"gmail_attr">Le mardi 3 septem=
bre 2024 =C3=A0 21:13:46 UTC+1, Antoine Riard a =C3=A9crit=C2=A0:<br></div>=
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 0.8ex;border-left:1=
px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr">&gt; That also=
 happens to be my Alice OpenTimestamps calendar, in production, so<br>&gt; =
please don&#39;t do anything you expect to be CPU or RAM intensive. But if =
you<br>&gt; accidentally take down the server, not the end of the world: OT=
S is a very<br>&gt; redundant protocol and one calendar going down for a fe=
w hours is unlikely to<br>&gt; do any harm.<br>&gt; <br>&gt; It has about $=
400 of outgoing capacity at the moment, and $2000 inbound. It<br>&gt; gets =
hardly any donations at the moment, so if you manage to knock LND offline<b=
r>&gt; that&#39;s no big deal.<br>&gt; <br>&gt; That&#39;s not my money - i=
t&#39;s donations to the OTS calendars that I have no right<br>&gt; to spen=
d - so I&#39;ll ask you to pay for any expenses incurred by it during<br>&g=
t; testing, and make a $100 net donation when you&#39;re done testing to ma=
ke it<br>&gt; worthwhile for the OTS community. If you manage to lose more =
than that on<br>&gt; justice transactions, I&#39;ll consider that a donatio=
n. :)<br><br></div><div dir=3D"ltr">Many thanks Peter for that.<br><br>No w=
orries, I won&#39;t play with CPU or RAM, it&#39;s just all the transaction=
-relay<br>and mempool logic that one can interfere with. I&#39;ll make you =
whole of the $2400<br>if the LND node goes down too hard, though I&#39;m ju=
st looking for a node running<br>on mainnet, for a pinning the attacker has=
 two open to channels and re-balance<br>the liquidity at its advantage a bi=
t. I&#39;ll provide the liquidity by myself.<br><br>If you have an on-chain=
 donation address on the OTS website (?), I&#39;ll make a<br>$100 donation =
now, it&#39;s a nice tool. And for the justice transaction...well<br>for so=
me scenarios you can use the latest valid commitment state to pin no risk<b=
r>of being slashed by a justice transaction.<br><br>Best,<br>Antoine<br>ots=
 hash: 19d9b61ed5238e2922205a0a0194e0830b260a691f45b4189b1d145f72c9e031<br>=
</div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">=
Le=C2=A0mar. 3 sept. 2024 =C3=A0=C2=A013:58, Peter Todd &lt;<a rel=3D"nofol=
low">pe...@petertodd.org</a>&gt; a =C3=A9crit=C2=A0:<br></div><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1p=
x;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1=
ex">On Tue, Aug 27, 2024 at 02:10:15PM -0700, Antoine Riard wrote:<br>
&gt; My utmost pleasure to demonstrate some pinning attacks on nodes under =
<br>
&gt; real-world conditions.<br>
<br>
Antoine Riard: until Oct 1st, you have permission to test your attacks agai=
nst<br>
my Lightning node running at:<br>
<br>
=C2=A0 =C2=A0 <a href=3D"http://023345274dd80a01c0e80ec48928188783f9bc5281b=
e8f5057c050492f10711a5b@alice.opentimestamps.org:9735" rel=3D"noreferrer no=
follow" target=3D"_blank" data-saferedirecturl=3D"https://www.google.com/ur=
l?hl=3Den&amp;q=3Dhttp://023345274dd80a01c0e80ec48928188783f9bc5281be8f5057=
c050492f10711a5b@alice.opentimestamps.org:9735&amp;source=3Dgmail&amp;ust=
=3D1728744712253000&amp;usg=3DAOvVaw127VDKb-dISVrO7VEc7ONq">023345274dd80a0=
1c0e80ec4892818878...@alice.opentimestamps.org:9735</a><br>
<br>
That also happens to be my Alice OpenTimestamps calendar, in production, so=
<br>
please don&#39;t do anything you expect to be CPU or RAM intensive. But if =
you<br>
accidentally take down the server, not the end of the world: OTS is a very<=
br>
redundant protocol and one calendar going down for a few hours is unlikely =
to<br>
do any harm.<br>
<br>
It has about $400 of outgoing capacity at the moment, and $2000 inbound. It=
<br>
gets hardly any donations at the moment, so if you manage to knock LND offl=
ine<br>
that&#39;s no big deal.<br>
<br>
That&#39;s not my money - it&#39;s donations to the OTS calendars that I ha=
ve no right<br>
to spend - so I&#39;ll ask you to pay for any expenses incurred by it durin=
g<br>
testing, and make a $100 net donation when you&#39;re done testing to make =
it<br>
worthwhile for the OTS community. If you manage to lose more than that on<b=
r>
justice transactions, I&#39;ll consider that a donation. :)<br>
<br>
-- <br>
<a href=3D"https://petertodd.org" rel=3D"noreferrer nofollow" target=3D"_bl=
ank" data-saferedirecturl=3D"https://www.google.com/url?hl=3Den&amp;q=3Dhtt=
ps://petertodd.org&amp;source=3Dgmail&amp;ust=3D1728744712253000&amp;usg=3D=
AOvVaw1TSX524BYOC-2Cgqq9abEf">https://petertodd.org</a> &#39;peter&#39;[:-1=
]@<a href=3D"http://petertodd.org" rel=3D"noreferrer nofollow" target=3D"_b=
lank" data-saferedirecturl=3D"https://www.google.com/url?hl=3Den&amp;q=3Dht=
tp://petertodd.org&amp;source=3Dgmail&amp;ust=3D1728744712253000&amp;usg=3D=
AOvVaw3VyZmFH2Wf-Xp6QH2J48pG">petertodd.org</a><br>
</blockquote></div>
</blockquote></div></blockquote></div>

<p></p>

-- <br />
You received this message because you are subscribed to the Google Groups &=
quot;Bitcoin Development Mailing List&quot; group.<br />
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind=
ev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion on the web visit <a href=3D"https://groups.google.c=
om/d/msgid/bitcoindev/9682d905-886c-4deb-924c-6461f4b67537n%40googlegroups.=
com?utm_medium=3Demail&utm_source=3Dfooter">https://groups.google.com/d/msg=
id/bitcoindev/9682d905-886c-4deb-924c-6461f4b67537n%40googlegroups.com</a>.=
<br />

------=_Part_3965_830052607.1728658912116--

------=_Part_3964_1363283815.1728658912116--