Bitcoin Developer Sounds The Alarm: There’s A Backdoor In The Lightning Network

Bitcoin’s Lightning Network was designed to make Bitcoin transactions faster and cheaper. But according to a recent discovery by a now former Lightning developer Antoine Riard, there’s a major security flaw in the network that puts users’ funds at risk. Taking to a thread on the Linux Foundation’s public mailing list, Riard detailed the new discovery of a security risk in the Lightning Network that could allow hackers to easily get control of the Layer 2 protocol.

Developer Departs From Bitcoin Lightning Network Over Security Concerns

The Bitcoin Lightning Network is a “layer 2” payment protocol that operates on top of the Bitcoin blockchain. It enables fast, low-cost transactions between participating nodes. Since its inception, the Bitcoin Layer 2 protocol has been well accepted, although various vulnerabilities have been reported.

Users can instantaneously send and receive Bitcoin thanks to the Lightning Network, which facilitates the creation of a network of payment channels between users without waiting for transactions to be confirmed on the blockchain. However, Riard claims that there’s a new malevolent danger out there called the replacement cycling attack, which puts the network in a perilous position.

The replacement cycling attack works by specifically targeting payment channels to steal funds from mempools. These attacks are not easy to carry out, but very sophisticated players can manage them. The attack essentially works by replacing the transaction signature of a victim’s timeout transaction in a mempool with a new transaction, without leaving a trace on the network. Although simple cycling attacks can be easily mitigated, Riard warns that a very sophisticated attack could leave payment channels exposed to hackers.

https://x.com/mononautical/status/1715736832950825224?s=20 

How does a lightning replacement cycling attack work?

There’s a lot of discussion about this newly discovered vulnerability on the mailing lists, but the actual mechanism is a bit hard to follow.

So here’s an illustrated primer…

🧵 1/n pic.twitter.com/mvvS8bEc5f

— mononaut (@mononautical) October 21, 2023

BTC market cap currently at $584.24 billion. Chart: TradingView.com

What This Means For The Future Of The Lightning Network

The vulnerabilities uncovered in the Lightning Network codebase are troubling for the future of Bitcoin’s scalability solution. Riard’s discovery seems to have ruffled a few feathers of Bitcoin investors, as revealed by comments on social media platforms. 

In what looks like his second memo on the issue, Riard mentions that addressing the issue may require significant rewrites of critical components of the network’s base layer. Defending against the backdoor may also require modifications to the underlying public Bitcoin ecosystem.

“I think this new class of replacement cycling attacks puts lightning in a very perilous position, where only a sustainable fix can happen at the base-layer, e.g adding a memory-intensive history of all-seen transactions or some consensus upgrade,” Riard said.
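The "history of all-seen transactions" idea in the quote can be illustrated at the level of a single node. The following is an added example, not code from the article, from Riard, or from any Lightning implementation, and it is a local watcher rather than the base-layer fix he describes. The class, function, transaction and outpoint names are hypothetical, and the mempool snapshots are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class TimeoutWatcher:
    """Tracks one of our own timeout transactions and the output it spends."""
    outpoint: str    # output our timeout transaction spends (hypothetical id)
    own_txid: str    # txid of our timeout transaction (hypothetical id)
    history: list = field(default_factory=list)  # every spender ever seen

    def poll(self, mempool: dict) -> str:
        """mempool maps txid -> set of outpoints that transaction spends."""
        spenders = sorted(t for t, ins in mempool.items() if self.outpoint in ins)
        for txid in spenders:
            if txid not in self.history:
                self.history.append(txid)
        if self.own_txid in spenders:
            return "pending"
        if spenders:
            return "replaced"   # a conflicting spend is in the mempool
        # Nothing spends the output any more. Without the history this state
        # looks the same as "never broadcast"; with it we can tell whether a
        # conflicting spend appeared and then vanished again.
        seen_conflict = any(t != self.own_txid for t in self.history)
        return "cycled" if seen_conflict else "evicted"

def monitor(snapshots, outpoint, own_txid):
    """Poll each snapshot in order. Returns (states, rebroadcast_at, history),
    where rebroadcast_at lists the snapshot indexes at which our timeout
    transaction is missing and should be sent to the network again."""
    watcher = TimeoutWatcher(outpoint, own_txid)
    states = [watcher.poll(m) for m in snapshots]
    rebroadcast_at = [i for i, s in enumerate(states) if s in ("cycled", "evicted")]
    return states, rebroadcast_at, watcher.history

# Constructed mempool snapshots, oldest first (not real network data).
SNAPSHOTS = [
    {"our-timeout": {"htlc:0"}},                               # we broadcast
    {"conflict-tx": {"htlc:0"}},                               # ours was replaced
    {"unrelated-tx": {"other:1"}},                             # replacement is gone too
    {"our-timeout": {"htlc:0"}, "unrelated-tx": {"other:1"}},  # after rebroadcast
]

if __name__ == "__main__":
    print(monitor(SNAPSHOTS, "htlc:0", "our-timeout"))
```

A watcher that polls less often than the mempool changes never sees the conflicting spend and can only report `evicted`; the rebroadcast is still triggered, but the record of the replacement is lost.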

https://x.com/WhaleWire/status/1715686930476655030?s=20 

BREAKING:

One of the top #Bitcoin developers recently discovered a massive security risk in the Lightning Network, which triggered him to announce his departure from the project.

He claims there's intentional backdoors in the code that allow attackers to easily get full control… pic.twitter.com/oLiVXk0A2F

— WhaleWire (@WhaleWire) October 21, 2023

Riard has since stepped down from the development of the Lightning Network, with plans to focus now on Bitcoin Core development. Data from DefiLlama shows the TVL of the Lightning Network is now at $159.74 million. Its future depends on how developers and the Bitcoin community respond to this news. A quick, transparent fix of the vulnerability to restore trust should be the important next step.

On the other hand, the price of Bitcoin just crossed $30,000. Renowned financial author Robert T. Kiyosaki predicts that Bitcoin will reach $135,000 very soon.
