A bunch of new security vulnerabilities was recently detected in Bitcoin’s Lightning Network which demands a node upgrade or users will lose all their Bitcoin.
A threat to Bitcoin’s payments dream
The Lightning Network was designed as a unique solution on the Bitcoin blockchain designed for smaller transactions. LN makes these transactions cheaper while executing them more swiftly. Even though the solution has a long list of critics who believe that the clunky solution isn’t designed for crypto mainstream, LN has been going strong.
However, in a recent post shared with recipients on the LN mailing lead, software developer Rusty Russell wrote,
“Security issues have been found in various lightning projects which could cause loss of funds. Full details will be released in 4 weeks; please upgrade well before then.”
Russell wrote a majority of the LN protocol specification. The vulnerability has not yet been discussed. LN will follow the standard practice of allowing developers time to fix the problem and avoid bug exploitation before disclosing the vulnerability. If blockchain projects reveal the nature of the vulnerability before fixing it, malicious elements in the blockchain ecosystem may use it to their own advantage.
What do we know?
Though the real vulnerability is still unknown to the wider community, it appears that the bugs are in Éclair, a Bitcoin wallet that can process Lightning transactions. Russell had also advised the users to update their wallets.
Lightning Network is one of the most crucial as well as controversial projects built atop the Bitcoin blockchain. The idea of LN was first tabled by Joseph Poon, and Thaddeus Dryja in 2015 were they talked about creating an additional layer on Bitcoin blockchain. This extra layer can process transactions quickly and more cost-efficiently, before adding them on a certain block.
It employs the use of a Bitcoin address called a channel where two users can deposit funds and engage in any number of transactions they prefer. Payments are only added to the core Bitcoin blockchain when the users close the channel. This helps in maintaining the integrity of the Bitcoin blockchain while making transactions faster. Note that the current block mining time is 10 minutes, which means that BTC transactions can only be verified after 10 minutes.
Though there are a few wallets that allow users to make these small and quick payments using LN, the number of nodes for this solution is still relatively low. This means that processing LN transactions are a loss-making business for the nodes. Only increased adoption of BTC and LN will help the network become profitable.