Date: 2023-10-22

Bitcoin’s Lightning Network was designed to make Bitcoin transactions faster and cheaper. But according to a recent discovery by former Lightning developer Antoine Riard, the network has a major security flaw that puts users’ funds at risk. In a thread on the Linux Foundation’s public mailing list, Riard detailed the newly discovered security vulnerability in the Lightning Network that could allow hackers to easily gain control over the Layer 2 protocol.

Developer splits from Bitcoin Lightning Network due to security concerns

The Bitcoin Lightning Network is a “Layer 2” payment protocol that works on top of the Bitcoin blockchain. This enables faster, lower-cost transactions between participating nodes. Since its inception, the Bitcoin Layer 2 protocol has been well accepted, although various vulnerabilities have been reported.

Users can send and receive Bitcoins instantly thanks to the Lightning Network, which lets users create a network of payment channels between themselves without waiting for transactions to be confirmed on the blockchain. However, Riard claims that a new threat called the Replacement Cycling Attack puts the network in a dangerous state.

Cycling attacks work by specifically targeting payment channels to steal funds from the mempool. These attacks are not easy, but they can be executed by very sophisticated players. The attack essentially works by replacing the transaction signature of the victim’s timed-out transaction in the mempool with a new transaction, without leaving any trace on the network. Although simple cycling attacks can be easily mitigated, Riard warned that a very sophisticated attack could leave payment channels exposed to hackers.

How does the Lightning Replacement Cycling attack work? There is a lot of discussion about this newly discovered vulnerability on mailing lists, but the actual mechanism is a bit hard to follow. So here’s an illustrated primer… 🧵 1/n – Mononaut (@mononautical) 21 October 2023

What this means for the future of the Lightning Network

The vulnerabilities exposed in the Lightning Network codebase are troubling for the future of Bitcoin’s scalability solution. Riard’s discovery seems to have sent Bitcoin investors into a frenzy, as evidenced by comments on social media platforms.

In his second memo on the issue, Riard noted that addressing the issue may require significant rewriting of critical components of the network’s base layer. Protecting against backdoors may also require modifications to the underlying public Bitcoin ecosystem.

“I think this new class of replacement cycling attacks puts Lightning in a very dangerous position, where there can only be a permanent fix at the base-layer, for example a memory-intensive deletion of all observed transactions or some consensus upgrade. Adding history,” Riard said.

Breaking: one of the top #bitcoin developers recently discovered a massive security vulnerability in the Lightning Network, leading them to announce their withdrawal from the project. They claim there are intentional backdoors in the code that allow attackers to easily gain full control… – WhaleWire (@WhaleWire) 21 October 2023

Riard has resigned from Lightning Network development and now plans to focus on Bitcoin Core development. Data from DefiLlama shows that the TVL of Lightning Network is now $159.74 million. Its future depends on how developers and the Bitcoin community react to this news. Rapid, transparent resolution of the vulnerability must be the next important step to restore trust.

On the other hand, the price of Bitcoin has crossed $30,000. Famous financial writer Robert T. Kiyosaki estimates that Bitcoin will reach $135,000 very soon.

