7 upvotes, 3 direct replies (showing 3)
View submission: Lightning Network Megathread
[deleted]
Comment by markasoftware at 03/01/2018 at 05:48 UTC
9 upvotes, 3 direct replies
There are a few solutions:
1. Only send money using your channel. If you only send money, then nobody would want to broadcast an older version, as that would give you *more* than you're supposed to have! And if it somehow does go through, oh well, you have more money now!
2. Come online every few days to check for bad transactions. If somebody broadcasts an old transaction, there is a certain amount of time (I think it's configurable?) before the channel actually closes. You can broadcast the "anti-cheat" transaction any time before the channel is fully closed. So, if you set it to, say, one week, then if somebody broadcasts a malicious transaction, you can broadcast the anti-cheat one if you come online the next day.
3. delegate it to a trusted third party, they can broadcast the anti-cheat transactions for you. You don't have to give them access to the private keys.
Comment by cdecker at 03/01/2018 at 11:14 UTC
6 upvotes, 1 direct replies
The node B may in fact attempt to cheat by publishing an old state (such as the A=0.5 and B=0.5 state). This cheat can then be detected on-chain and used to steal the cheaters funds, i.e., A can see the closing transaction, notice it's an old one and grab all funds in the channel (A=1, B=0). The time that A has in order to react to the cheating counterparty is given by the CLTV in the cheating transaction, which is adjustable. So if A foresees that it'll be able to check in about once every 24 hours it'll require that the CLTV is at least that large, if it's once a week then that's fine too. You definitely do not need to be online and watching the chain 24/7, just make sure to check in once in a while before the CLTV expires.
Alternatively you can outsource the watch duties, in order to keep the CLTV timeouts low. This can be achieved both with trusted third parties or untrusted ones (watchtowers).
Comment by FerriestaPatronum at 03/01/2018 at 05:51 UTC
3 upvotes, 1 direct replies
It's less bad than that, but I believe the core problem is there, yes. It's not a matter of "whoops you're disconnected", it's more, "whoops you're offline when the channel expired", so there's a bit of timing involved. I posted a whole thread and got some feedback on the problem. The tl;Dr of the thread is that: yes the problem exists, so only open channels to people you trust.