It's been a good week for the price of bitcoin. As of writing, the price had increased by $2,890 or 10.77%. This is certainly exciting for those who have been suffering through one of the longest bear markets in bitcoin's 14+ year history. However, there have been a couple developments outside of the price increase that you should be aware of; a critical bug disclosure on the lightning network, and some proposed surveillance requirements on "mixers" by FinCen.
We'll start with the CVE bug disclosure that exposed a relatively cheap pinning attack that can be waged by nefarious channel partners. This attack is being described as a replacement cycling attack that would enable the attacker to steal the funds of their channel counterparty by taking advantage of inconsistencies that exists between individual mempools. This bug was originally discovered and privately disclosed to the maintainers of all of the lightning network implementations in December of last year. All implementations have made patches to mitigate the attack. However, from the looks of the conversation around the bug it doesn't seem like these patches are sufficient enough to fully repel this attack from being waged.
I am not going to pretend how to explain the attack articulately in this letter, so please go read the disclosure and the conversation that ensued after it was posted.
With that being said, it does seem that there are conflicting views as to how existential this bug is and how viable it is to successfully wage against a large portion of the network from an economic perspective. It is clear that changes would need to be made at the protocol level to completely protect the lightning network from this type of attack. What those exact changes are isn't very clear at the moment. And whether or not they'd ever be implemented is even less clear.
From my understanding, the best way to mitigate this particular attack at the moment is to only open channels on the lightning network with peers that you trust, which is never an optimal solution for adversarial systems.
This is something to keep in eye on in the months and years to come.
Moving along. FinCen released a proposal to designate "crypto mixers" as money laundering services. This would immediately render CoinJoining services illegal in the eyes of the Justice Department and create turn thousands of law abiding citizens into "criminals" overnight. To make matters worse, it seems that the definition of "crypto mixer" that FinCen has put forth is so broad that it would include people who send transactions with multiple inputs - regardless if they are using something like a CoinJoin implementation - as money launderers as well. This is an egregious overreach that proves two things; these people are extremely desperate to cut off the exit routes from the burning temple of fiat and they likely don't understand the technical details of bitcoin.
As we said yesterday, the authorities are losing their grip of control as more individuals wake up to the fact that the federal government is a detriment to civil liberties and freedom in the digital age, and are actively making life worse for the common man. If these guidelines pass I believe we'll see civil disobedience make a strong come back. When the powers that be who are actively destroying everything they touch try to prevent people from using the open source tools at their fingertips to fix the problems themselves, the amount of anger that will permeate the populace will increase precipitously.
If these provisions are passed it will be undeniable that we have entered the "then they fight you" stage of bitcoin's lifecycle. Are you willing to stand up and fight for what you know to be right?
While the price pump has been nice this week, it is important not to get lost in the glowing light of the green candles. These are two things you should be paying attention to moving forward.
You have to have a winner's mentality. Losing isn't an option and winners believe they're going to win no matter what the circumstances are.
Enjoy your weekend, freaks.