Lightning Network Developers Confirm the Exploitation of Security Vulnerabilities 

The Lightning Network has proven to be the industry standard when it comes to asset transfers over a secure network for a few years. The program makes it possible to use Bitcoin at almost no cost, thus expanding the asset’s use cases for payments and making it more attractive to buy cryptocurrency.

However, it would seem that a few vulnerabilities have become too problematic for the developers. Earlier this week, Olaoluwa Osuntokun, the Chief Technology Officer at ACINQ and Lightning Labs, posted a statement on the Linux Foundation domain page where he revealed news of certain vulnerabilities in the Lightning Network being exploited. According to the crypto executive, there have been confirmed instances where Common Vulnerabilities and Exposures (CVEs) have been exploited for the gain of unsavory people. 

The vulnerability Olaoluwa was referring to was first reported late last month by Rusty Russell, a Lightning Network programmer based out of Australia. 

At the time, the software developer warned users that there was a security issue in the Lightning Network that could potentially lead to users losing their crypto holdings, thus encouraging users of the software to update their versions as soon as they possibly can. 

Up until now, neither party has been able to identify the number of assets that were lost. Now that the developers of the Lightning Network themselves have confirmed the existence of these vulnerabilities, Osuntokun strongly urged users to upgrade their Lightning Network versions. Corroborating what Russell previously asserted, Osuntokun revealed that the affected versions include eclair nodes version 0.3 and below, c-lightning nodes version 0.7 and below, and versions of LND from 0.7 and below.   

The company itself weighed in, urging users to be calm but also remain highly vigilant, in its tweet, Lightning Labs wrote, “This is also a great time to remind folks that we have limits in place to mitigate widespread funds loss at this early stage. There will be bugs. Don’t put more money on Lightning than you’re willing to lose!” 

Of course, a security vulnerability in something like the Lightning Network isn’t particularly a new occurrence. Every tech-based payment infrastructure gets buggy from time to time, but given how much tough talk the developers and fans of this infrastructure have been talking one would think that they would have covered all instances of bugs and other errors. 

Samson Mow, the co-founder of cryptocurrency exchange BTCC and executive at Blockstream, recently appeared in an interview with SFOX, where he bashed Bitcoin for being bad for payments. 

In part, he said, “It’s more of a store of value and a medium of wealth transfer. It’s not something you would use every day in payments. I’ve said this before, and people have twisted around and said I hate Bitcoin, but Bitcoin is bad for payments.”

Mow went on to tout the Lightning Network for being able to potentially save this, thanks to its scalability and virtually free operation structure. 

However, if security vulnerabilities continue to plague the network, then there really is no way they can convince skeptics that the network is the best thing for making payments. The Lightning Network is a significant player in the fight for increased crypto adoption as it has become the transfer standard for several cryptocurrency exchanges, and they need to get their act together.