Hopefully this is a wake-up call to the lnd team...
Can't believe nobody stole thousands of dollars worth from unsuspecting nodes.
The scariest thing is this:
"LNsploit does not yet broadcast transactions with a held HTLC payment still in flight, which would allow you to steal funds in hours rather than the ~2-week channel timelocks."
@TonyGiorgio I asked some of the people you credit at the end of the blog post - would you care to clarify how this can actually be achieved? Perhaps even an edit on the post would help for future readers - but it sounds super scary that the 2-week lock can be circumvented through some way. Doesn't that point to a greater critical flaw in the protocol?
It has to do with the CLTV values of HTLCs as payments are flowing through the network. I think most implementations have those set to just 40 blocks. So I believe there's going to be wider discussions that LN devs have to increase that. The con to that is that stuck payments may mean that your funds are locked up longer and, from a sender's POV, a particular payment might look like it's pending for longer periods of time.
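The CLTV mechanism the comment above refers to, as an added example that is not code from the post or from LNsploit: how per-hop `cltv_expiry_delta` values accumulate into absolute HTLC expiries along a route, the check a forwarding node makes before accepting an HTLC, and how many blocks (and hours) are left before a given expiry. The 40-block hop delta, 18-block final delta, block height, 10-minute block time and 2016-block (~2 weeks) channel timelock are assumed sample values.

```python
# Added example; not part of the original post or of LNsploit.
# Assumed values: ~10-minute blocks, 2016-block (~2 weeks) channel timelock.
BLOCK_MINUTES = 10
CHANNEL_TIMELOCK_BLOCKS = 2016  # assumed to_self_delay, roughly two weeks


def route_expiries(current_height, final_cltv_delta, hop_deltas):
    """Absolute HTLC expiry heights along a route, first hop to recipient.

    hop_deltas: cltv_expiry_delta of each forwarding hop, sender side first.
    A sender computes these backwards from the recipient: each hop's
    incoming HTLC must expire at least cltv_expiry_delta blocks after the
    HTLC that hop forwards onward.
    """
    expiry = current_height + final_cltv_delta  # expiry the recipient sees
    expiries = [expiry]
    for delta in reversed(hop_deltas):
        expiry += delta
        expiries.append(expiry)
    return list(reversed(expiries))


def forwarding_ok(incoming_expiry, outgoing_expiry, my_cltv_delta):
    """Check a forwarding node applies before accepting an HTLC: the gap
    between the HTLC it receives and the one it sends must be at least
    its own cltv_expiry_delta, or it rejects the forward."""
    return incoming_expiry - outgoing_expiry >= my_cltv_delta


def blocks_until_expiry(expiry_height, current_height):
    """Blocks left before an HTLC expires; zero once it is already past."""
    return max(expiry_height - current_height, 0)


def hours_for_blocks(blocks):
    """Rough wall-clock equivalent of a block count."""
    return blocks * BLOCK_MINUTES / 60


if __name__ == "__main__":
    height = 800000
    route = route_expiries(height, 18, [40, 40])  # two 40-block hops
    print("HTLC expiries hop by hop:", route)
    # The middle hop's window is its own 40-block delta, i.e. a few hours,
    # which is what the comment contrasts with the ~2-week channel timelock.
    middle_gap = route[1] - route[2]
    print("forward accepted:", forwarding_ok(route[1], route[2], 40))
    print(f"hop window: {middle_gap} blocks ~ {hours_for_blocks(middle_gap):.1f} h")
    print(f"channel timelock: ~{hours_for_blocks(CHANNEL_TIMELOCK_BLOCKS) / 24:.0f} days")
```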
How do you get funds on an LNSploit node to open a channel? That option doesn't do anything for me.
Also, if I "open" a channel without having any funds, it says "channel opened".
It uses the funds on the bitcoind node. Which if you're mining from with polar it should have funds.
connected it straight to a mainnet node brother
Noooooooo lol. There's a few hardcoded regtests in the code, definitely not safe to do lol.
I would like to use it on mainnet to attack my own nodes. How else can I be sure they do what they claim to do? Keep up the good work and don't be afraid, I didn't come here to do safe stuff ;)
An Esplora API backend would be ideal for easier use on mainnet.
which didn't have any funds (I think :grin:)
Excellent write up, thanks for the tool and the walkthrough!
Thanks for the tool and the walkthrough!
this is epic
Wow, interesting!