As mentioned in the text, this is imposed by you on each peer that connects to
you. The point is to prevent a single peer from consuming all your memory and
CPU and prevent you from servicing legitimate peers, i.e. it prevents denial of
service using a single peer and forces attackers to use a *distributed* denial
of service.
Regards,
ZmnSCPxj
-------- Original Message --------
On January 18, 2018 7:03 PM, <[email protected]> wrote:
>
>
>> You impose this 25 channels per peer. I start opening a channel to
>> you. Because I did not check mempool or because my fee-estimation algo is
>> bad, I pay too low a fee. I become impatient and bump it up, which you
>> perceive as another open (so it is now 2/25 channels).
>
> It seems, to me, that this example could be pretty easily extended to 1000,
> or 2000, or -- pretty much anything. In fact, this brings up an important'ish
> point, possibly. If every channel I "try to open," and then fail to, counts
> as resources of any kind on the receiver, we've just added a perfect attack
> surface for a denial of service. However this is arranged, it needs to be
> arranged in a way that does not have (or at least has a minimal number of)
> fixed pools of resources/magic numbers of any kind that can be exhausted,
> after which things "no longer work." To do otherwise is to practically invite
> someone taking the entire network down with a well-planned/executed process
> that exhausts this resource across a large number of critical nodes (and
> there will be critical nodes -- it's just a part of graph theory that this
> will happen).
>
> 😊 /r
_______________________________________________
Lightning-dev mailing list
[email protected]
https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
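
An added illustration of the per-peer limit discussed in this thread (not code from either poster or from any Lightning implementation): a quota kept separately for each peer, so one peer that exhausts its 25 slots is refused without affecting anyone else. The class name, the peer ids and the choice to key opens by funding txid are assumptions made for the example.

```python
from collections import defaultdict

MAX_CHANNELS_PER_PEER = 25  # the per-peer figure discussed in the thread


class PeerChannelLimiter:
    """Hypothetical per-peer open tracker; not taken from a real node."""

    def __init__(self, limit=MAX_CHANNELS_PER_PEER):
        self.limit = limit
        self.slots = defaultdict(set)  # peer_id -> funding txids in use

    def try_open(self, peer_id, funding_txid):
        """Accept an open unless this peer already holds `limit` slots."""
        held = self.slots[peer_id]
        if funding_txid in held:
            return True   # same open seen again, no new slot consumed
        if len(held) >= self.limit:
            return False  # only this peer is refused
        held.add(funding_txid)
        return True

    def release(self, peer_id, funding_txid):
        """Free a slot when a channel closes or an open is abandoned."""
        self.slots[peer_id].discard(funding_txid)
        if not self.slots[peer_id]:
            del self.slots[peer_id]  # keep no state for idle peers

    def used(self, peer_id):
        return len(self.slots.get(peer_id, ()))


def simulate():
    """Constructed scenario: one peer hammers the node, another is polite."""
    limiter = PeerChannelLimiter()
    # Assumption: a fee bump yields a new funding txid, so the receiver
    # perceives it as another open (the 2/25 case from the thread).
    limiter.try_open("peer_a", "tx_lowfee")
    limiter.try_open("peer_a", "tx_bumped")
    after_bump = limiter.used("peer_a")
    # peer_a tries 1000 more opens; state held for it never exceeds 25.
    accepted = sum(limiter.try_open("peer_a", f"tx_{i}") for i in range(1000))
    # A different peer is unaffected by peer_a's exhausted quota.
    other_ok = limiter.try_open("peer_b", "tx_b0")
    return after_bump, accepted, limiter.used("peer_a"), other_ok


if __name__ == "__main__":
    print(simulate())
```

Total state is bounded by the number of connected peers times the limit, which is why exhausting the node takes many peers rather than one.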