So, from the moment you send funds to a channel, you have signed a transaction, revealing your public key... and the attacker will have more than ~10 minutes to attempt the attack...
And to open a channel, I imagine it is also necessary to sign a transaction, right?
When a channel is opened, a deposit of funds is made (funding transaction) - the address that sent the funds will have its public key revealed. Wouldn't the public key of the address that received the funding, on the first layer (layer 1), be revealed only after the channel is closed?
For the channel address, I imagine so, so there would be no way to attack all the funds at once... However, the funds you send there need to be confirmed, revealing the public key...
While searching I found this interesting information; for example, it is worth remembering that if you spend the funds of a BTC fork, the keys are exposed as well...
And from what I understood of the text, only P2PK outputs are subject to this risk; P2PKH and P2SH are not.
(i) Bitcoin transactions with P2PK UTXOs, as these display the public key in the output of the transaction. As soon as such a transaction has been included in the blockchain, or even just broadcast to the network, a slow QCA can compute the corresponding private key and thereby essentially gain control over the respective funds. An initial analysis of the UTXO set in Bitcoin shows that about 1.77 million BTC fall into this category. This problem can be mitigated by using, for example, P2PKH and P2SH addresses. However, when consuming such an UTXO, the owner of the address must reveal her public key and digital signature in the scriptSig of the respective input. Once this transaction is broadcast to the network for confirmation and inclusion in a block, the attacker can compute the private key from the revealed public key. Furthermore, the attacker could then look for any additional UTXOs associated with the same address and consequently consume them, now that she is in control of the private key. We find that about 3.9 million BTC reside in UTXOs that can be compromised by such attacks. In total, at least 33% of all BTC are currently vulnerable to attacks by a QCA. At the time of writing, this amounts to approximately 50 billion USD.
(ii) Bitcoin users publishing their public key on a Bitcoin fork, e.g. Bitcoin Cash [31] or Bitcoin Gold [32]. As Bitcoin forks share the same transaction history prior to the fork point, such behaviour may allow a QCA to gain control over a user’s Bitcoin funds using the exposed public key. Furthermore, a QCA could then also exert control over funds on the blockchain where the public key was initially obtained.
(iii) Any other revealing of public keys, such as part of signed messages to ensure integrity, in forums, or in payment channels (e.g. Lightning Network [33]).
Source:
https://royalsocietypublishing.org/doi/full/10.1098/rsos.180410
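
Added example, not part of the thread or of the cited paper: a small audit that sorts a wallet's unspent outputs by when their public key becomes visible, following case (i) of the quoted text (P2PK shows the key in the output; P2PKH and P2SH show only a hash until a spend from the same address reveals it). The function names, labels and all script bytes are constructed for illustration, and script types other than the three named in the quote are reported as unknown.

```python
# Added example: when does each output type reveal its public key on-chain?
# All script bytes below are constructed placeholders, not real keys or hashes.

def classify_script_pubkey(script_hex):
    """Return (script type, exposure) for a hex-encoded scriptPubKey."""
    s = bytes.fromhex(script_hex)
    # P2PK: <push 33- or 65-byte public key> OP_CHECKSIG
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == 0xAC:
        return "P2PK", "at-rest"
    # P2PKH: OP_DUP OP_HASH160 <push 20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH", "on-spend"
    # P2SH: OP_HASH160 <push 20-byte hash> OP_EQUAL
    if len(s) == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH", "on-spend"
    return "other", "unknown"

def audit_utxos(utxos, spent_scripts):
    """Flag unspent outputs whose public key is already public.

    utxos: list of (label, script_hex); spent_scripts: scriptPubKeys that
    have appeared in an already-broadcast spend (i.e. address reuse).
    """
    spent = {s.lower() for s in spent_scripts}
    report = {}
    for label, script_hex in utxos:
        kind, exposure = classify_script_pubkey(script_hex)
        if exposure == "at-rest":
            risk = "EXPOSED"                 # key is in the output itself
        elif exposure == "on-spend" and script_hex.lower() in spent:
            risk = "EXPOSED_BY_REUSE"        # an earlier spend revealed the key
        elif exposure == "on-spend":
            risk = "HIDDEN_UNTIL_SPENT"      # only a hash is public so far
        else:
            risk = "UNKNOWN"
        report[label] = (kind, risk)
    return report

# Constructed sample wallet
P2PK = "41" + "04" + "11" * 64 + "ac"
P2PKH_REUSED = "76a914" + "22" * 20 + "88ac"
P2PKH_FRESH = "76a914" + "44" * 20 + "88ac"
P2SH = "a914" + "33" * 20 + "87"
SAMPLE = [("old-coinbase", P2PK), ("reused", P2PKH_REUSED),
          ("fresh", P2PKH_FRESH), ("multisig", P2SH)]

if __name__ == "__main__":
    for label, result in audit_utxos(SAMPLE, [P2PKH_REUSED]).items():
        print(label, *result)
```

Outputs flagged `EXPOSED_BY_REUSE` are the ones the quote describes as "additional UTXOs associated with the same address"; moving them to a fresh address that has never been spent from puts them back in the hidden-until-spent group.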