Fake Channel DoS #8

Draft
ekzyis wants to merge 2 commits into bitcoin-dev-project:main from ekzyis:fake-channel-dos
@ekzyis ekzyis commented Mar 11, 2026

This adds a new battlefield with an LND node v0.15.5-beta vulnerable to DoS: Fake Lightning Channels.

I added a scenario to demonstrate the attack. Since the base config for maxpendingchannels in warnet is 64, I can create 64 fake channels per run of the scenario. After that, I need to run the scenario again to create more fake channels with a new socket. This way, I was able to create 1000+ pending channels (lncli -n regtest pendingchannels | jq -r '.pending_open_channels | length'), which I think is enough as a demonstration.

Update: I should try to create so many pending channels that the node becomes unresponsive and funds can be stolen.

This depends on bitcoin-dev-project/warnet#799.

TODO

  • add other vulnerable nodes? (CLN, eclair, LDK)
  • add chart to track pending channels in dashboard
  • use or remove macaroonRootKey
  • remove PoC scenario before merge via force-push
  • update fleet.py
  • make node unresponsive and steal funds

@pinheadmz
This is a cool POC, thanks for cooking it up!
You've already got a todo there, but yeah, we wouldn't merge yaml files like this because they are always re-generated by fleet.py.

@ekzyis ekzyis force-pushed the fake-channel-dos branch from 2d26de8 to 93ff72b Compare May 7, 2026 16:54
image: bitcoindevproject/circuitbreaker:v0.5.0
config: color=#e6194b
image:
tag: v0.15.5-beta
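
Review bot: the `tag: v0.15.5-beta` line at the end of this fragment pins the LND release that the PR description calls vulnerable, but nothing next to it records that the pin is deliberate. Wherever this value ends up being set, add a comment naming the Fake Lightning Channels DoS as the reason for the pin, so a routine version bump does not silently remove the battlefield's target.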

Instead of changing the yaml, you should update fleet.py so it generates networks, etc. with the extra nodes you want to add. For these repos, we always want the yaml in the repo to be stale because it gives away secrets to the players! Admin runs scripts/deploy.sh before the game starts to refresh everything.
