Time-Dilation Attacks on the Lightning Network Antoine Riard Gleb Naumenko
[email protected] [email protected] ABSTRACT Per time-dilation attacks, a malicious actor slows down block deliv- Lightning Network (LN) is a widely-used network of payment ery to the victim and then finalizes an expired state of the Lightning channels enabling faster and cheaper Bitcoin transactions. In this channel on-chain, before a victim can notice. paper, we outline three ways an attacker can steal funds from For a non-infrastructure attacker eclipsing full nodes is difficult, honest LN users. The attacks require dilating the time for victims to but definitely not impossible, as demonstrated by prior work[19, become aware of new blocks by eclipsing (isolating) victims from 30, 37]. Since full nodes in the LN are often used by hubs (or big the network and delaying block delivery. While our focus is on service providers), we will show that an attacker may justify the the LN, time-dilation attacks may be relevant to any second-layer high attack cost by stealing their aggregate liquidity during one protocol that relies on a timely reaction. short (several hours) Eclipse attack. According to our measurements, it is currently possible to steal At the same time, we will demonstrate that Eclipse attacks are the total channel capacity by keeping a node eclipsed for as little as 2 easier to carry out against the many LN users whose wallets rely on hours. Since trust-minimized Bitcoin light clients currently connect light client protocols to obtain information from the Bitcoin network, to a very limited number of random nodes, running just 500 Sybil and light client implementations are currently more vulnerable to nodes allows an attacker to Eclipse 47% of newly deployed light Eclipse attacks then full nodes.