From clara.shikhelman at gmail.com Fri Mar 3 19:48:52 2023 From: clara.shikhelman at gmail.com (Clara Shikhelman) Date: Fri, 3 Mar 2023 14:48:52 -0500 Subject: [Lightning-dev] Local Reputation to Mitigate Slow Jamming In-Reply-To: References: Message-ID: > With a binary solution a single attacker can easily fill your quota of > low-confidence HTLCs and then all low-reputation nodes are blocked. But not > all of them are attackers, some of them just don't send you enough traffic > to get a high reputation for instance and you're going to block them too. > With a continuous solution you can differentiate between an active attacker > and someone who just sends to nodes with poor connectivity and only block > the first. > If it's very cheap to behave like a neighbour with poor connectivity, why wouldn't the attacker mimic this, and then block? Differentiating between a potential attacker and just a low-traffic neighbour is very difficult. I think that instead of "low/high reputation" a better way to think about it is "unknown/endorsed", and just consider which neighbour needs access to all resources and which one doesn't. The idea of different bins was brought up a few times and might help a bit, but I am not sure at all that it is worth the complication. For reporting c truthfully, if you report it too high you will be penalized > by having your reputation lowered, if you report it too low you will > penalize your HTLCs and still get the same reputation as if you had > reported it truthfully. > It might be that there is a strong motivation to underestimate than overestimate. That is ? the punishment for underestimating by X is significantly smaller than for overestimating by X (or vice versa). The formula you choose can affect this significantly. -------------- next part -------------- An HTML attachment was scrubbed... URL: