Attack Models

Filters

Eclipse Attack

An attacker isolates a target node's peer connections to control its view of blocks and transactions.

Layer: network

Severity: high

Observed: No

Consensus Rules vs PolicySpv Vs Full NodeSecurity And AttacksReorg

Selfish Mining

A miner withholds valid blocks strategically to increase expected revenue over fully honest publication.

Layer: mining

Severity: high

Observed: No

Mining and Subsidy Difficulty Adjustment (2016)ReorgSecurity And Attacks

Fee Sniping

During extreme fee spikes, miners may have incentive to attempt short reorgs to capture recent fee-rich blocks.

Layer: economic

Severity: medium

Observed: No

Mempool Mining Reorg Consensus Rules vs Policy

Replace-by-Fee Abuse Pattern

Zero-confirmation recipients can be harmed when an attacker replaces a pending transaction with a higher-fee conflict.

Layer: mempool

Severity: medium

Observed: Yes

Transactions Lifecycle Mempool Consensus Rules vs PolicySecurity And Attacks

Lightning Channel Jamming

Attackers occupy HTLC slots and route capacity to degrade payment success for other users without necessarily stealing funds.

Layer: network

Severity: medium

Observed: No

Lightning Network Maturity Mempool Consensus Rules vs Policy Transactions Lifecycle

Lightning Probing and Topology Leakage

Adversarial payment probes can infer channel balances, routing policy, or node behavior, reducing operational privacy.

Layer: network

Severity: medium

Observed: No

Lightning Network Maturity Pseudonymity, Not Anonymity Network Topology Assumption

Lightning Pinning and Fee Griefing

Adversaries exploit mempool and fee dynamics to delay or worsen close-path transactions, raising risk/cost during disputes or congestion.

Layer: mempool

Severity: high

Observed: No

Lightning Network Maturity Mempool Reorg Consensus Rules vs Policy Transactions Lifecycle

Title	Layer	Severity	Observed	Linked Nodes
Eclipse Attack An attacker isolates a target node's peer connections to control its view of blocks and transactions.	network	high	No	Consensus Rules vs PolicySpv Vs Full NodeSecurity And AttacksReorg
Selfish Mining A miner withholds valid blocks strategically to increase expected revenue over fully honest publication.	mining	high	No	Mining and Subsidy Difficulty Adjustment (2016)ReorgSecurity And Attacks
Fee Sniping During extreme fee spikes, miners may have incentive to attempt short reorgs to capture recent fee-rich blocks.	economic	medium	No	Mempool Mining Reorg Consensus Rules vs Policy
Replace-by-Fee Abuse Pattern Zero-confirmation recipients can be harmed when an attacker replaces a pending transaction with a higher-fee conflict.	mempool	medium	Yes	Transactions Lifecycle Mempool Consensus Rules vs PolicySecurity And Attacks
Lightning Channel Jamming Attackers occupy HTLC slots and route capacity to degrade payment success for other users without necessarily stealing funds.	network	medium	No	Lightning Network Maturity Mempool Consensus Rules vs Policy Transactions Lifecycle
Lightning Probing and Topology Leakage Adversarial payment probes can infer channel balances, routing policy, or node behavior, reducing operational privacy.	network	medium	No	Lightning Network Maturity Pseudonymity, Not Anonymity Network Topology Assumption
Lightning Pinning and Fee Griefing Adversaries exploit mempool and fee dynamics to delay or worsen close-path transactions, raising risk/cost during disputes or congestion.	mempool	high	No	Lightning Network Maturity Mempool Reorg Consensus Rules vs Policy Transactions Lifecycle