From christopher.d.gough at gmail.com  Fri May 11 00:17:22 2018
From: christopher.d.gough at gmail.com (Chris Gough)
Date: Fri, 11 May 2018 10:17:22 +1000
Subject: [Lightning-dev] Mitigations for loop attacks
In-Reply-To: <CADZtCSiB+9zLDCZjS3_b=D8zJJFov+6CxwpyHovoQECgtOrztQ@mail.gmail.com>
References: <CADZtCShTk6xM4Bw8TWptHf99pyJzQmZDyPwMSDv9anwaALTmjQ@mail.gmail.com>
	<871seljpak.fsf@rustcorp.com.au>
	<BsvmpNjjX20c27jsnMbbOKcYdJlyiwTLV5oxTKVPmaDbYITeBOR7DHEcVB3NNR8sLURWKgP8Ap8mjnMns_mOsC2SovWxFzHreBHFX54Kdsw=@protonmail.com>
	<CADZtCSjVBK2eH-KK-+CqT0m=5zV4cZD1qE_-uZXJDVZKPBCFxg@mail.gmail.com>
	<CADZtCSgU-x2STBsybz_Cw1Do9LQie7Cu3fqAu0Od4SSMhTkrrw@mail.gmail.com>
	<kvYqlXiqzv0cDE4Xv5oX9sZJTrHC2heSQpYA2yukP0ECNEHQxhea8Scfym81_OmfndCYJh3Bh7mxgXD6GYqxaA5NMiDSHCrvvWI7IN9gqJQ=@protonmail.com>
	<CAJByh8J98uEiVmxzd5SG14hhzoyeKbXpDXMWyuZstzHg3wo4pw@mail.gmail.com>
	<CADZtCSiB+9zLDCZjS3_b=D8zJJFov+6CxwpyHovoQECgtOrztQ@mail.gmail.com>
Message-ID: <CAJByh8L3hoQHFW9nNNB_kwHKMHT=fe34LxNjO8BNKpJFhBuX6Q@mail.gmail.com>

On Fri, May 11, 2018 at 9:18 AM, Jim Posen <jim.posen at gmail.com> wrote:
> Hmm, I'm not quite following the situation. What do you mean by "directs
> normal traffic"? Since the sender constructs the entire circuit, routing
> nodes do not get any discretion over which nodes to forward a payment to,

<facepalm>

> only whether to forward or fail. What an attacker could do is perform a loop
> attack and send a payment to another node that they control and delay the
> payment on the receiving end. Note that the sending node loses no
> reputation, only the receiving node. Since the hops being attacked are the
> ones in the middle and they are faithfully enforcing the reputation
> protocol, the receiving node's reputation should be penalized properly,
> making it unlikely the attack will succeed in a second attempt.

So the attacker can purchase reputation for the sacrificial node by
sending them legitimate payments, and then spend that reputation (at
the mutual expense of hops) by delaying targeted transactions. But my
question about obscuring the collusion by artificially lowering
reported risk was nonsense based on misunderstanding. Thanks for
helping me understand.

Chris Gough