aljaz on Nostr: i might be missing something but its more of a denial of service scenario with bgp ...
i might be missing something but its more of a denial of service scenario with bgp hijack, the ip in LN is not the sole identifier so you can't MITM it like you could with HTTPS if you can get a cert issued (which isnt really an issue if the dns is pointing towards your infrastructure after the hijack).
nodes don't generally care about their ips or the fact that they change that much. Sure updates propagate long through gossip etc, but its minor compared to identity being tied to it like the case of federation and domain name.
Published at
2024-06-25 13:28:25Event JSON
{
"id": "44747f222220488587479ca818b547c6aac4096a950dd06f486328f138cd82e8",
"pubkey": "efe5d120df0cc290fa748727fb45ac487caad346d4f2293ab069e8f01fc51981",
"created_at": 1719322105,
"kind": 1,
"tags": [
[
"p",
"311b497635856767ff5c1cefa2b8c5c875ce184ae4876da9279e829ba01dd129",
"wss://relay.snort.social/",
"tank"
],
[
"p",
"3d2e51508699f98f0f2bdbe7a45b673c687fe6420f466dc296d90b908d51d594",
"wss://nostr.bitcoiner.social/",
"matt"
],
[
"e",
"31c5487d076517ff28cbe34a231a22e3b421d0c76884219e1295608ba6ae5275",
"wss://nostr.bitcoiner.social/",
"root"
],
[
"e",
"0c8eab6568f73582be2924f0e4c1fba3276e43a2d6b7ef3f01e66c598c9d32ea",
"wss://nostr.bitcoiner.social/",
"reply",
"3d2e51508699f98f0f2bdbe7a45b673c687fe6420f466dc296d90b908d51d594"
]
],
"content": "i might be missing something but its more of a denial of service scenario with bgp hijack, the ip in LN is not the sole identifier so you can't MITM it like you could with HTTPS if you can get a cert issued (which isnt really an issue if the dns is pointing towards your infrastructure after the hijack).\n\nnodes don't generally care about their ips or the fact that they change that much. Sure updates propagate long through gossip etc, but its minor compared to identity being tied to it like the case of federation and domain name.",
"sig": "5fa9d9f3d56bd4e4e5f07fd0ea4c29145d7042dbaf202fae732dac127118876fb95f10b60129cc8b1ca63daf5057dd78c03c05e836b104439af660289b7dafb9"
}