In an announcement made by Conner Fromknecht, head of cryptographic engineering at Lightning Labs, vulnerability
has been disclosed in the Lightning network, affecting operators using LND versions 0.10.X or earlier, which precede the update published last October 1st.
Full details of the vulnerability have not yet been released, and circumstances surrounding the discovery are cited to present a timeline during which more details will be provided. However, on behalf of Lightning Labs, they found no instances where this breach was exploited or exploited, and Fromknecht stated that a full report of the discovery will be released on October 20.
The Lightning Network is being developed by 3 teams: Lightning Labs, Blockstream and ACINQ. It is positioned as a possible solution to the problem of a few possible transactions per second presented by bitcoin (known as scalability).
In this network, payment channels are created between 2 individuals, allowing transactions to be immediate, since they do not enter the blockchain until the channel is closed, converting what would be multiple transactions into a single exchange.
Already during the months of March and April 2020, researchers had published academic papers where they exposed how prone is the Lightning network to simple cyberattacks that could reveal the balances, as well as the pathways and individuals who participated in fund exchanges that should be private.
Ania Piotrowska, a crypto researcher at University College London, had this to say: “As the Lightning network gains popularity, it is often sold as a more scalable and privacy alternative to Bitcoin. We felt it was an interesting research question to study how private Lightning really is. “
Fragility on the Lightning network
Unfortunately, this is not the first time that vulnerabilities have been found in this network, since just over a year ago, in September 2019, the CTO of Lightning Labs Olaoluwa Osuntokun also stated that they found vulnerabilities in the network being exploited, after that, they were reported by the LN programmer Rusty Rusell on August 30, 2019.
Who are Lightning labs?
Lightning Labs develop software that powers the Lightning Network. Their open-source, secure, and scalable Lightning systems enable users to send and receive money more efficiently. They also offer a series of verifiable, non-custodial Lightning-based financial services, creating a bridge between the world of open-source software and the next-generation of bitcoin financial software.
By Jenson Nuñez