Fake Channel DoS #8

Draft
ekzyis wants to merge 2 commits into bitcoin-dev-project:main from ekzyis:fake-channel-dos

@ekzyis (Contributor) commented Mar 11, 2026

This adds a new battlefield with an LND node v0.15.5-beta vulnerable to DoS: Fake Lightning Channels.

I added a scenario to demonstrate the attack. Since the base config for maxpendingchannels in warnet is 64, I can create 64 fake channels per run of the scenario. After that, I need to run the scenario again to create more fake channels with a new socket. This way, I was able to create 1000+ pending channels (lncli -n regtest pendingchannels | jq -r '.pending_open_channels | length'), which I think is enough as a demonstration.

Update: I should try to create so many pending channels that the node becomes unresponsive and funds can be stolen.

This depends on bitcoin-dev-project/warnet#799.

TODO

  • add other vulnerable nodes? (CLN, eclair, LDK)
  • add chart to track pending channels in dashboard
  • use or remove macaroonRootKey
  • remove PoC scenario before merge via force-push
  • update fleet.py
  • make node unresponsive and steal funds

@pinheadmz (Contributor)

This is a cool POC, thanks for cooking it up!
You've already got a todo there, but yeah, we wouldn't merge yaml files like this because they are always re-generated by fleet.py.

@ekzyis force-pushed the fake-channel-dos branch from 2d26de8 to 93ff72b on May 7, 2026 16:54