Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
htlcswitch: Disallow circular routes on same channel #3915
This PR adds some protection against circular liquidity attacks, as described in #3771.
Two types of protection against circular routes are identified:
Update: after discussion, decided to only implement (1), which simplifies the PR.
Context for not implementing (2):
Moved check into the switch and added an itest.
The downside of moving this check into the switch is that it exposes the switch to link level information in the form of channelupdate/temporary failure. Instead of adding a
Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.