Hi all, My understanding of the local reputation channel is the following, when Bob receives a HTLC forwarding request from Alice to Caroll: - if Alice has reputation of 1 and Alice endorses the transaction, Bob forwards and endorses the HTLC to Caroll - else if the HTLC amount is under the available outbound liquidity quota assigned to Alice and available outbound slots assigned to Alice, Bob forwards the HTLC to Caroll and reduce available outbound liquidity/slots assigned to Alice - else the HTLC is rejected
This is unclear on which criterias the endorsement decision is made (e.g CLTV expiry delta, odds of settlement, ongoing congestion of outbound channels ?). Additionally, this is unclear how the available liquidity/slots on a given outbound channel are initially distributed between all the inbound channels (e.g proportional to the capacity) and how they're balanced once the inbound channels start to accumulate reputation. I don't know if this local reputation scheme precises how reputation is slashed in case of HTLC failure, and if any "grace" amount/rate is granted to the inbound channel counterparty, e.g Alice. Independently of those considerations, I think this local reputation scheme might suffer from exploitable reputation asymmetries by a jamming adversary. Let's say you have the topology: Alice - Bob - Caroll - Dave Alice accumulated a reputation of 1 towards Bob and same for Bob towards Caroll. As `fee_base_msat` Bob picked up 1000 msat and Caroll picked up 2000 msat. If Alice forwards a HTLC to Bob and it is endorsed by him before relay to Caroll, Alice can now inflict a 50 sat damage to Caroll, while only encumbering the lower-priced reputational cost towards Bob. This concern could hold in case of asymmetries arising from the dynamic adjustment of routing fees during an evaluated period of time. E.g both Bob and Caroll requires routing fees of 1000 msat. Alice builds up a reputation of 1 towards Bob during this period N. At period N+1, Caroll bumps her routing fees to 2000 msat. From now on, Alice can exploit this asymmetry. While I think this deficiency could be fixed by ensuring a proportionality of the reputation acquisition cost between the inbound channels and the cost requested by a counterparty on an outbound channel, I believe this would come with the downside that any update in reputation cost should be recursively applied to the downstream links (i.e Bob on Alice channel, Alice on neighbouring inbound channels, etc). Apart of this reputation asymmetry concern, I think the local reputation scheme could suffer from spontaneous jamming by "honest" long-term held packets (e.g CLTV delta=2 weeks), where even if Alice is not scored to 1 by Bob, she always settles her long-term held packets. However, those packets are yielding less routing fees to Bob than let's say 14 HTLC packets of CLTV delta = 1 day. Finally, the dynamic reduction of the available outbound liquidity/slots in the occurrence of reputation=0 counterparty's HTLC being only known at the link-level could break the expectations of the HTLC senders scoring algorithms. E.g, being connected to Alice might have probed through another path the available liquidity on the link Bob-Caroll. This Eve's probe is falsified by any reduction done by Caroll towards Bob, and therefore Eve's payment reliability is likely to be downgraded. Best, Antoine Le jeu. 16 févr. 2023 à 21:29, Clara Shikhelman <clara.shikhel...@gmail.com> a écrit : > Hi List, > > We’re writing to seek early feedback on a draft for a neighbour reputation > setting recommendation as a jamming mitigation. The main idea is that > allowing full access to liquidity and slots in a channel can result in > jamming. To prevent this, we allow full access only to neighbours that > forward HTLC that resolve quickly and generate more profit than the damage > they can potentially create. > > The full suggested jamming mitigation solution includes upfront fees > together with reputation, see [1] for details. > > In the previous episodes: > > As presented here [1], we suggest a two part jamming mitigation strategy. > Reputation-based forwarding is aimed to solve “slow jamming”, where the > jamming transaction takes a long time to resolve. > > The main idea is that each node gives a binary reputation to its > neighbour. Each channel has a quota of liquidity and slots (say 50% of the > channel size and 50% of the slots in the channel) dedicated to transactions > coming from neighbours with reputation 0, or for transactions coming from > neighbours with reputation 1 that were not endorsed by the neighbour. > > For example, when Alice asks Bob to forward to Charlie then: > > If (Alice has reputation 1 with Bob) and (Alice endorses transaction): > > Forward and endorse > > Else: > > If (amount < available liquidity quota) and (available slots in quota>0): > > Forward HTLC without endorsing > > Reduce available liquidity and slots > > Else: > > Reject > > Reputation: > > The question we discuss here is how does Alice gain “good” reputation > (i.e., a score of 1). Alice starts at 0, and she gains and keeps her good > reputation of 1 by continuously paying more fees to Bob than the damage she > can inflict. > > The 3 main parameters for reputation that each node operator picks are S,L > and M. Our recommendations are as follows: > > - > > S should be chosen as the maximum time an HTLC can be unresolved in > any of Bob’s channels. > - > > M is the revenue generated by Bob’s node in the time S, representing > the damage Alice could inflict. > - > > L is the time in which Alice should generate M revenue for Bob for her > to have a good reputation of 1. We suggest L=10S. > > > Alice has reputation 1 if, in the last L seconds, she has forwarded > payments that generated M satoshi in fees. > > As an example: > > - > > Bob has a maximum CLTV delta of 2 weeks [2] > - > > Over the last 2 weeks, he has earned 0.5 BTC in routing fees > - > > Alice will be considered to have good reputation if she has forwarded > 0.5 BTC of routing revenue to Bob over the last 20 weeks > > > Formally: > > Let t be the current time, and let S and L be constants. > > M is calculated to be the revenue of Bob in time [t-S,t]. The revenue of > Bob is the sum of fees from transactions forwarded by any neighbour besides > Alice + any payments received by Bob. Note that Bob can choose to also take > into account utility gained from sending payments or anything of value to > the node operator. > > Alice has reputation 1 if in the time [t-L,t] she has forwarded HTLCs > that paid M in normalized fees. > > We normalize fees by resolution time to reward payments that resolve > quickly and discount slow resolving payments. Here we assume 10 seconds is > the “normal” resolution time, this number can be bikesheded, and we round > up to avoid penalizing transactions resolved quicker than the “normal”. > > The fee from a single transaction is normalized by the time it took for > the HTLC to resolve, counted in slots of 10 seconds. That is: > > Normalized_fee = (fee)/[ceiling(time_to_resolve/10s)] > > > > Some notes > > 1. > > The reputation management happens locally, that is, the only protocol > change needed is the ability to signal endorsement as a TLV in > UpdateAddHTLC. The various parameters can be selected for various risk > preferences. > 2. > > We currently suggest a binary reputation for simplicity. Having > several buckets could be interesting to study, yet we don’t think that the > complexity and the possible privacy issues are worth the potential > benefits. > 3. > > For most use cases, having reputation 0 is more than enough. If we > send and receive transactions at a low rate, we usually don’t need the full > liquidity and slots available in a channel. Reputation mostly comes into > play only when a channel is under attack, and then not all transaction are > allowed to go through. > 4. > > Following this thread [3]: it is important to note that we are only > giving reputation to our direct neighbours. An advantage of this is that we > have repeated interactions with them. In practice, this is also the only > clean data we have to use when deciding whether to forward an HTLC or not. > > > Best, > > Carla and Clara > > > [1] > https://lists.linuxfoundation.org/pipermail/lightning-dev/2022-November/003740.html > [2] > https://github.com/lightningnetwork/lnd/blob/de94a4ea5e81799330a72dfde111817b38565d99/htlcswitch/link.go#L51 > [3] > https://lists.linuxfoundation.org/pipermail/lightning-dev/2023-February/003842.html > _______________________________________________ > Lightning-dev mailing list > Lightning-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev >
_______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
