With this attack, it is possible to identify the sender and receiver of the payment, as well as the amount sent. There is a proposal to solve this, but it would reduce the speed of payments.

A security vulnerability in the Lightning Network could compromise the privacy of users if they are exposed to a timing attack. Elias Rohrer and Florian Tschorsch, from the Technical University of Berlin, published a paper demonstrating it.

The Lightning Network was originally proposed as a tool for immediate transactions, but it also has the side effect of increasing the privacy of transactions. This attack could compromise that property.

The vector in this timing attack is channel routing. The more channels that route through the attacker’s node, the more likely the attacker is to compromise anonymity. The attacker looks for matches between amounts and times to identify the sender and the final receiver of a transaction.

The potential attack targets the negotiation messages of hashed time-locked contracts (HTLC). In the search for common features, the attacker excludes nodes that do not match on the amount or the time-lock value in these contracts. In this way, he or she can very precisely identify the payment endpoints.

The paper shows that knowing the amount of the payment and the value of the HTLC is enough to achieve this. Following this initial reduction in privacy, the attacker can run time-based estimators to infer the most likely endpoints of the payment route. If the attack is successful, he or she can identify both the sender and the receiver of a payment.

After numerous simulations, Rohrer and Tschorsch concluded that the results confirm the feasibility and success of this type of privacy attack on the Lightning Network’s payment channel.

As a measure to mitigate this risk, they propose that Lightning Network nodes delay their responses to messages by a random time, as part of the protocol. However, they consider that this would be detrimental to speed, which is precisely one of the objectives of the Lightning Network. They explain that changing the latency by a few milliseconds would be enough to make the information misleading in the attacker’s eyes.
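
A toy simulation of the trade-off described above, added here as an illustration and not taken from the paper: an on-path observer guesses how many hops away the payment endpoint is from the HTLC response time, while downstream nodes add a uniform random delay before responding. The link latency, jitter, hop range and the rounding estimator are all constructed assumptions.

```python
import random

LINK_MS = 5.0      # assumed one-way link latency (constructed value)
JITTER_MS = 0.5    # assumed per-traversal network jitter, std dev (constructed)
MAX_HOPS = 4       # assumed maximum hops between observer and payment endpoint


def observed_rtt(hops, max_delay_ms, rng):
    """Time between forwarding an HTLC and seeing the response come back."""
    # The message crosses each downstream link twice (forward and back).
    rtt = sum(rng.gauss(LINK_MS, JITTER_MS) for _ in range(2 * hops))
    # Mitigation: every downstream node waits a random time before responding.
    rtt += sum(rng.uniform(0.0, max_delay_ms) for _ in range(hops))
    return rtt


def estimate_hops(rtt, max_delay_ms):
    """Calibrated observer: divides by the expected time spent per hop."""
    per_hop = 2 * LINK_MS + max_delay_ms / 2.0
    return max(1, round(rtt / per_hop))


def estimator_accuracy(max_delay_ms, trials=4000, seed=1):
    """Fraction of payments whose distance to the endpoint is guessed exactly."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        hops = rng.randint(1, MAX_HOPS)
        rtt = observed_rtt(hops, max_delay_ms, rng)
        hits += estimate_hops(rtt, max_delay_ms) == hops
    return hits / trials


def extra_latency_ms(max_delay_ms, hops=MAX_HOPS):
    """Expected slowdown the mitigation adds to a payment over `hops` hops."""
    return hops * max_delay_ms / 2.0


if __name__ == "__main__":
    for delay in (0.0, 5.0, 20.0):
        print(f"max delay {delay:5.1f} ms: "
              f"accuracy {estimator_accuracy(delay):.2f}, "
              f"added latency {extra_latency_ms(delay):.0f} ms")
```

In this model the delay only degrades the estimate once it is large relative to the link latency, and the cost grows linearly with route length, which is the speed penalty the authors point to.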

Near the end of the report, they note that they conducted the research exclusively on Lightning’s public node model, but that the protocol also allows establishing hidden payment channels, which the public network does not broadcast. They mention that it would be interesting to do future research on this type of attack on private payment channels.

Other Vulnerabilities on Lightning Network

This research demonstrated a new vulnerability on the Lightning Network that adds to others already known. Those other vulnerabilities include congestion, channel exhaustion, and node isolation attacks, among others, as well as the possible manipulation of routing algorithms to include a malicious node.

The pace at which the Lightning Network’s development advances suggests the possibility of overcoming vulnerabilities. Regarding Lightning, bitcoiner Giacomo Zucco describes the situation as a very vibrant moment, at which there are dramatic changes in innovation and implementation practically overnight.

By Willmen Blanco
