[bitcoin-dev] Time-dilation Attacks on the Lightning Network

[ZmnSCPxj]

Good morning Aymeric,

> The issue each time there are discussions/research linking to Tor is that it is biased since the beginning because based on a wrong postulate: using the Tor network
>

Well, in the interest of using the wrong tool for a highly important job, let me present this thought:

* The Tor network is weakened due to its dependence on a limited set of exit nodes.
* "Direct", within-Tor rendezvous points are good, i.e. Tor hidden services.
* Thus, there is no issue with Tor-to-Tor or clearnet-to-clearnet connections, the issue is with Tor-to-clearnet connections.
* Of course, no miner is going to run over Tor because latency, so all the miners will be on clearnet.
* So make your own bridge between Tor and clearnet.
* Run two fullnodes on your computer (with sufficient ingenuity, you can probably share their block storages, or make one pruning).
* One fullnode is on the public network but runs in `blocksonly` so it does not propagate any transactions (which might be attached to your public IP).
* The other fullnode is on the Tor network and has an `-addnode` to the public-network node via `localhost`, which I assume is very hard for an eclipse attacker to get at.
* Use the Tor-fullnode to propagate your transactions.

Of course, the eclipse attacker can still attack all Tor exit nodes and block outgoing transaction traffic to perform eclipse attacks.
And if you decide to propagate transactions to the public-network node then you pretty much lose your privacy there.

Regards,
ZmnSCPxj