Sergei Tikhomirov and Lightning privacy - Episode 19
Postdoc Researcher Sergei joins Murch and Jonas to talk about channel balance probing in Lightning, privacy concerns in general, and the importance of researcher-developer collaboration. We discuss: - Sergei's background (1:50) - Sergei's homepage with links to all prior research - Lightning basics (2:50) - Why LN payments fail (3:40) - Why privacy is important (5:30) - Privacy potential of Lightning vs L1 Bitcoin (6:40) - How probing works (8:40) - Why is balance discovery bad? (11:30) - Persistent identities in Lightning (13:00) - Multi-vector security model and trade-offs (17:45) - "Twitter for your bank account" meme (20:20) - The danger of overestimating Bitcoin's privacy (21:00) - Lightning integrations and walled gardens (22:00) - Lightning Service Providers and LN's centralized topology (23:05) - LNBIG booth in El Salvador (25:30) - Potential oligopoly of large nodes (27:15) - Probing parallel channels (28:30) - Analysis and Probing of Parallel Channels paper - Combining probing with jamming (33:00) - The limit on in-flight payments (36:00) - StackExchange answer about transaction size limit - Bad and good probing (41:20) - Countermeasures and reputation (44:00)Overview of anti-jamming measures - Hub-and-spoke terminology and aviation analogy (49:00) - Doing research in Bitcoin and Lightning (53:10) - Why Bitcoin is unique (55:10) - Researcher-developer collaboration (58:00) Related research: - On the Difficulty... -- the first paper about LN balance probing - An Empirical Analysis paper about three LN attack vectors including probing - Counting Down Thunder paper about timing attacks - Congestion Attacks paper about jamming - Cross-layer Deanonymization paper about linking L1 and L2 - Flood & Loot paper about malicious fee negotiation strategies - Hijacking Routes paper about adversarial fee undercutting Thanks to Justin for the sound engineering.