Yes, I've tested that on Muun wallet. You are able to steal sats from Muun that later are charged from other users to cover the loses. Using this garbage app nowadays is pure insanity and I warned about this long time ago.
Also another thing to mention about this: Muun was also bloating the block space:
I have not tested this empirically (meaning I'm just going off the feels here) but I think most ecash wallets pass the routing fee on to the user when leaving the mint. Which wallets still exist that are custodial and that do free withdrawals? Is it WoS? I haven't used them in a good while...
I remember that Kraken allowed free lightning withdrawals though.
Which wallets still exist that are custodial and that do free withdrawals?
Asking for a friend? haha
Is it WoS?
No, the post mentions they actually had the best security among those tested:
6. WalletOfSatoshi
WalletOfSatoshi charges the user the exact fee for the routing. It also does hold a reserve of 0.3% balance in case of unexpected high fee. This is the most conservative take together with that of OKex, in turn making these two services the least user friendly.
Isn't this what is called fee siphoning attack? Also what would prevent something similar happening in the hypothetical future where merchanta use lightning? A merchant sets a node with high fee between his node and you and charges high fees from his customers?
Yes, it's called fee siphoning and I believe wallets already do that. It's part of their business model. CashApp and ACINQ (the company behind Phoenix) are examples.
I kind of think this is a problem 🤔. I think I encountered this also when purchasing a channel from blocktank. Incoming payments were a lot more expensive than the default fees from robosats. It took me a while to figure out why I can't receive the sats I purchased.
Simple, deposit funds into a custodial service then withdraw the funds, done. Congrats for your profit! I am sure you are thinking -"Those sats were mine anyway, right? How does this qualify as an attack?" Well, I forget to mention we also need to place a node that will be routing the payments between the custodial service and the receiving node. The routing node will collect a fee, hopefully the fee will be big enough so there is a net profit (i.e., withdrawal_fee + deposit_fee < routing_fee_collected). If a positive net return is possible, then it is just a matter of optimizing the size of the fee collected and the transaction speed rate to see how big the damage could be. It is easy to see how this attack must be feasible on any service with free withdrawal fee.
How do you place a node in the middle? Well, the sending node is in charge of selecting the route. A priori, it seems unlikely that the sender will select a very expensive route. However, there is a case when the sender will certainly have to send the payment trough our routing node. We will connect our receiving node to the Lightning Network only with a single channel to our routing node. Therefore payments, if they arrive at all, must always be relayed by ourselves.
I wrote a simple python script able to generate local LN invoices and submit them to the exchange to process the withdrawals. It reached top speeds of up to ~300 withdrawals per minute (200 ms per withdrawal), simply wow! That makes for ~15K sats per minute. I did not optimize further the script, as the channel was already near being maxed out (current maximum pending HTLCs for a channel is 483 and they were taking long to settle). In addition, my RaspberryPi was getting CPU limited, I believe due to encrypting/decrypting the onion packages.
Yes, I've tested that on Muun wallet. You are able to steal sats from Muun that later are charged from other users to cover the loses.
Using this garbage app nowadays is pure insanity and I warned about this long time ago.
Also another thing to mention about this: Muun was also bloating the block space:
https://xcancel.com/mononautical/status/1621663167582437376
https://xcancel.com/mononautical/status/1621893734156623872
I have not tested this empirically (meaning I'm just going off the feels here) but I think most ecash wallets pass the routing fee on to the user when leaving the mint. Which wallets still exist that are custodial and that do free withdrawals? Is it WoS? I haven't used them in a good while...
This should be a pretty well-known attack by now.
I remember that Kraken allowed free lightning withdrawals though.
Asking for a friend? haha
No, the post mentions they actually had the best security among those tested:
Isn't this what is called fee siphoning attack? Also what would prevent something similar happening in the hypothetical future where merchanta use lightning? A merchant sets a node with high fee between his node and you and charges high fees from his customers?
Yes, it's called fee siphoning and I believe wallets already do that. It's part of their business model. CashApp and ACINQ (the company behind Phoenix) are examples.
I kind of think this is a problem 🤔. I think I encountered this also when purchasing a channel from blocktank. Incoming payments were a lot more expensive than the default fees from robosats. It took me a while to figure out why I can't receive the sats I purchased.
Interesting attack vectory
My favorite part:
When your heist is limited by your own CPU haha
If the routing node charges too much the payment will likely fail due to high fees right?
You can lower the fee until the payment suceeds, then it's free money