Good morning Subhra,
> Is there any literature available on how protocols would get affected in
> presence of Byzantine nodes ?
I am unaware of such.
In any case, when considering Byzantine faults, a Byzantine fault occurs where
one node appears functional to some subset of the the system, but appears
broken to a different subset.
When considering the channel mechanism (ignoring the payment layer on top that
is built on cross-channel atomic swaps that are built on HTLCs), then the
channel mechanism involves only two nodes.
Thus a Byzantine fault is impossible, at least when considering the channel
mechanism.
Byzantine faults can only occur if at least three nodes exist: node A appears
broken to node B but looks perfectly fine to node C.
At the channel mechanism layer, we only consider that if your channel
counterparty seems broken, you can always just drop the channel onchain at any
time and enforce any state needed by the payment layer onchain.
Thus, the blockchain resistance to Byzantine actors comes into play when you
drop channels onchain.
More interesting is considering the payment layer on top of the channel layer.
If the payment is from a payer with a direct channel to the payee, then it is
completely uninteresting, as again this is the same impossible-to-Byzantine,
two-participant, we-can-always-drop-things-onchain-at-any-time case.
The interesting case is with a forward, wherein some remote payer sends
payments through one or more forwarding nodes.
There is already much literature and analysis regarding the multi-hop
forwarding mechanism, including the original Poon-Dryja paper, as well as the
"multi-hop locks" paper.
For the most part, for a hop node on a payment attempt, there are three
participants:
* Itself.
* The incoming node.
* The outgoing node.
Let us consider each case.
* Suppose itself is Byzantine.
* Suppose it acts correctly to the incoming node, but acts strangely to the
outgoing node.
* Then the outgoing node will not claim the payment and itself will be
unable to claim the payment.
* At worst-case, the HTLC timeout will come into play and force failure
of the payment.
* Suppose it acts correctly to the outgoing node, but acts strangely to the
incoming node.
* The the outgoing node will claim the payment, but itself will be unable
to claim the incoming payment.
* Itself, if it is rational, would avoid this case, since it would end up
paying the payee while the supposed payer does not actually give any money.
* Suppose the incoming node is Byzantine.
* Then itself would not even know what the outgoing node would be, so this
devolves to a 2-participant case.
* Suppose the outgoing node is Byzantine.
* Then the outgoing node would be unable to claim the payment.
* Itself will then fail the incoming payment.
The same analysis holds for all hop nodes on a single payment attempt.
> For example, consider that a 2 byzantine nodes open a payment channel, since
> none of the intermediate transaction in a channel gets recorded, will this
> impact other transactions which gets routed through this channel ?
Do you mean that the 2 cooperating nodes have a direct payment channel with
each other and want to somehow negatively affect the rest of the network?
Those two nodes would be indistinguishable from a single node that has the
channels of both nodes.
In fact, the channel between those nodes would be "wasted", i.e. locked for no
good reason.
The aggregate of the two nodes would own all the money in that payment channel,
and would uselessly allocate funds from one node to the other, even though they
true owner is their aggregate and it is no different from the aggregate HODLing
its funds in a hot wallet.
In such a case, it is immaterial to the rest of the network what games the
aggregate of both nodes plays with the money that it holds solely as its own,
in much the same way that you might mentally allocate your liquid funds as
"okay, I shall spend 10mBTC on buying new anime, 25mBTC on buying figurines of
Asuka-sama, and 100mBTC in donating to ZmnSCPxj, the rest I shall keep in
reserve" and nobody else would care (because obviously Rei-chan is objectively
better than Asuka-sama).
The only interesting case is if the two nodes are truly independent of each
other.
But then the Byzantine problem also arises between these two nodes, thus if
they are Byzantine anyway, they are far more likely to be unable to coordinate
to attack the rest of the network and are far more likely to harm each other
(but this is a cop-out).
Regards,
ZmnSCPxj
_______________________________________________
Lightning-dev mailing list
[email protected]
https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
