
Document Sphinx replay DB (Decayed Log Db)

Open AbelLykens opened this issue 2 years ago • 8 comments

Background

It's unclear to many people what sphinxreplay.db is for.

Context

Replying to the question: "What is sphinxreplay.db for", on Slack: @Roasbeef : "Security: it prevents replays of onion packets, w/o this ppl can collect onion packets then re-inject them and see where they travel to attempt to de-annon" @Roasbeef : "I think we might be the only impl that handles them properly, have been meaning to add more details to the spec on this front."

Request

Adding more docs / more info in specs would be good :100:

AbelLykens avatar May 27 '22 09:05 AbelLykens

@AbelLykens I'm willing to take a look at this issue. I see some comments and references to sphinxreplay.db, but looking at the docs, I'm not really sure where it would make sense to add info about sphinxreplay.db. I was thinking the end of the Secure Your Lightning Network Node section may make the most sense? Either that or maybe the section about configuring Tor.

adam2k avatar Sep 21 '22 18:09 adam2k

@adam2k Did you find out more about this? Made any progress?

angeria avatar Oct 04 '22 19:10 angeria

@angeria I didn't push this ahead any further, if you have time to take a look. The only thing I'm not sure about is where the correct location is to add this content.

adam2k avatar Oct 12 '22 17:10 adam2k

Sphinx is a protocol that allows for the creation of anonymous and untraceable messages in a network. It is often used in conjunction with a replay database, which is a database that stores copies of previously sent messages in order to prevent them from being replayed.

The exact implementation of a Sphinx replay database will vary depending on the specific needs of the network and the application that it is being used for. However, in general, a replay database for Sphinx will likely store copies of previously sent messages using a hash of the message as the key, along with metadata such as the time the message was sent and the sender's identity.

When a new message is received, the replay database can be checked to see if it has been previously sent. If the message has been sent before, it can be discarded as a replay attack. If the message is new, it can be added to the replay database and processed as a legitimate message.

Overall, the purpose of a Sphinx replay database is to prevent replay attacks, which are a type of attack where an attacker resends a previously sent message in order to try and trick the recipient into thinking it is a new message. By storing copies of previously sent messages and comparing incoming messages against the replay database, it is possible to prevent these types of attacks and ensure the integrity of the network.

RolledTomato avatar Dec 11 '22 21:12 RolledTomato
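The check-then-store flow described in the comment above, as an added Go example that is not part of the original thread and is not lnd's code. The names `ReplayLog`, `Put` and `Decay` are hypothetical, an in-memory map stands in for the on-disk database, and pruning entries by block height is an assumption based on the "decayed log" wording in the issue title.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrReplayedPacket is returned when a packet's hash is already in the log.
var ErrReplayedPacket = errors.New("replayed onion packet")

// ReplayLog maps packet hash -> block height after which the entry may be
// dropped. Hypothetical stand-in for an on-disk log; not goroutine-safe.
type ReplayLog struct{ seen map[[sha256.Size]byte]uint32 }

func NewReplayLog() *ReplayLog { return &ReplayLog{seen: map[[sha256.Size]byte]uint32{}} }

// Put records the packet, or returns ErrReplayedPacket if it was seen before.
// Check and insert happen together, before any forwarding decision is made.
func (l *ReplayLog) Put(packet []byte, expiry uint32) error {
	key := sha256.Sum256(packet)
	if _, ok := l.seen[key]; ok {
		return ErrReplayedPacket
	}
	l.seen[key] = expiry
	return nil
}

// Decay drops entries whose expiry height has passed. Assumed policy: a packet
// past its expiry is rejected elsewhere, so its hash no longer needs storing.
func (l *ReplayLog) Decay(height uint32) int {
	removed := 0
	for k, exp := range l.seen {
		if exp < height {
			delete(l.seen, k)
			removed++
		}
	}
	return removed
}

func main() {
	rl := NewReplayLog()
	pkt := []byte("constructed sample onion packet") // constructed input
	fmt.Println(rl.Put(pkt, 800100))                 // first sighting: <nil>
	fmt.Println(rl.Put(pkt, 800100))                 // re-injected copy: error
	fmt.Println(rl.Decay(800101), len(rl.seen))      // 1 0
}
```

The log only stays small safely if expired packets are refused before they reach it; otherwise a pruned entry would let an old packet through again.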

That sounds like something ChatGPT would say... anyway, thanks :)

C-Otto avatar Dec 11 '22 21:12 C-Otto

Source-based onion routing (SPHINX) is the onion routing protocol used in Lightning. Onion routing Sphinx describes a method of encrypted communication where a message sender builds successive nested layers of encryption that are “peeled” off by each intermediary node until the innermost layer is delivered to the intended recipient. The name “onion routing” describes this use of layered encryption that is peeled off one layer at a time, like the skin of an onion. Each of the intermediary nodes can only “peel” one layer and see who is next in the communication path. Onion routing ensures that no one except the sender knows the destination or length of the communication path. Each intermediary only knows the previous and next hop.

"Lightning's onion routing SPHINX Mix Format is only similar to the Tor network routing in concept, but both the protocol and the implementation is entirely different from those used in the Tor network."

For detailed knowledge about SPHINX and onion routing in the Lightning network, please refer to Chapter 10 of Mastering the Lightning Network.

Sharmalm avatar Dec 16 '22 14:12 Sharmalm

I would like to take up this issue. Please assign me this issue. I would be glad if you could also let me know where I need to write about "sphinxreplay.db", as I could not find an appropriate place to put it.

shwetank211 avatar Feb 11 '23 17:02 shwetank211

We don't currently assign issues to external contributors. But you can show you're working on it by submitting a (draft) PR. I think we should add a new document docs/databases.md that describes the different database files (and other general information about the database setup in lnd, with all the new features like etcd, Postgres, SQLite and so on). But for this I think it can just start with a section about the sphinxreplay.db file.

guggero avatar Feb 13 '23 08:02 guggero