A major vulnerability was identified in the Bitcoin Lightning Network, a second-layer solution aimed at accelerating transaction speeds on the Bitcoin blockchain.
The flaw was reported by Bitcoin developer Antoine Riard, who laid out the details in a report published last week.
The vulnerability, referred to as “replacement cycling attacks,” could potentially jeopardize the security of funds flowing through the Lightning Network.
It theoretically may allow sophisticated attackers to execute a "transaction-relay jamming attack" and target a crucial Lightning Network component known as Hash Time Locked Contracts (HTLC). The objective of such an attack would be to disrupt the normal flow of transactions, causing delays or preventing them from being processed as expected. This could lead to potential risk of loss-of-funds within the network’s channels.
Although concerning, the flaw has not yet led to any verified real-world attacks. Riard stated that there’s no evidence of such activities over the past 10 months based on observational data. “While neither replacement cycling attacks have been observed or reported in the wild since the last ~10 months or experimented in real-world conditions on bitcoin mainnet,” the report highlighted.
Riard also revealed that the vulnerability was disclosed to Lightning developers and mitigation steps have been taken, with patches deployed across major Lightning Network implementations like Eclair, LND, and C-Lightning. However, he expressed reservations about the effectiveness of these mitigations against more advanced forms of the attack.
The implications of this vulnerability could extend beyond the Lightning Network. Riard’s report suggested that the flaw might affect a range of other Bitcoin protocols and applications, such as coinjoins, peerswap and batch payouts.
Riard, the developer who first unearthed the vulnerability, simultaneously published a note stating that he has ceased work on Lightning.
“Effective now, I’m halting my involvement with the development of the lightning network and its implementations, including coordinating the handling of security issues at the protocol level,” Riard wrote.
source:theblock
Polkadot was launched in May 2020. In a market dominated by Bitcoin and Ethereum, it quickly established itself as the next generation blockchain. The scale and interoperability problems limit Bitcoin's ability to transfer value without the assistance of
For some newcomers to the currency circle, they are not familiar with the investment in the currency circle, and their understanding of the special currency is not very deep. Therefore, they may be at a loss in the choice of investment methods. Many inves
Lummis is a well-known crypto advocate on Capitol Hill with over $100,000 in crypto.
Several analysts argue that shrimp accumulation is good for the Bitcoin network because it makes the asset more decentralized over time.
ARK Invest filed for a spot Bitcoin ETF in collaboration with 21Shares long before BlackRock did, and its application is reportedly first in line for the SEC’s approval.
Interestingly, the price surge was on the back of increased activity from whales, as indicated by on-chain data. The increased activity led to an increased"/>
Recent market dynamics have seen Solana struggling to break above the $200 mark. A notable bearish factor among these market fundamentals is the recent"/>
DOGE, the internet's favorite memecoin, is back in the spotlight. Recent data reveals a surge in futures market activity, coupled with bullish technical"/>
The recent stratospheric rise of Bitcoin, reaching a new all-time high of $73,000, has sent ripples of excitement and trepidation through the crypto world."/>
Co-founder of Tornado Cash Roman Storm has filed a motion to dismiss the charges levied against him by the US Department of Justice (DOJ)."/>
On Thursday, March 28, a hack occurred on Prisma Finance, a decentralized lending protocol on the Ethereum network. The exploiter carted away about 3,257.7"/>
Once fully licensed in Dubai, Bybit plans to run a full-scope exchange, offering crypto lending, payments, investment and other services.
Tue, 18 Apr 2023