According to Trustnodes.com, August 31, Rusty Russell, developer of the Bitcoin Lightning Network, said:
Many lightning network related projects have security issues that can result in the loss of user funds.
In the post shared by the lightning network mailing list, he said that the "full details of the security issue will be announced within 4 weeks", presumably to prevent hackers from exploiting this vulnerability.
- Ciphered currency supported by Ethereum: Dai is trying to change the rules of the stable currency game
- The Starcoin Foundation destroyed 55 billion XLM, and the price of the currency rose by 24%.
- Focus interview: set up a scam by the name of “blockchain”! Chaos is so worrying
- Survey: Apple App Store Cryptographic Search Results Rankings
- SKALE receives $17.1 million in financing for the best opportunity for Ethereum Smart Contracts to “ride a dust”
- What does the Hong Kong Securities Regulatory Commission say about the regulatory guidelines for digital asset trading platforms? (with full text)
Russell urged all users running the Lightning Network to upgrade and publicly stated:
Everyone should complete the upgrade within a period of time, and make sure that the version of the client you are running the Lightning Network c-lightning is < 0.7.1, lnd < 0.7, eclair <= 0.3, and these versions are very vulnerable.
There are currently three vulnerabilities reserved in the Common Vulnerabilities Disclosure (CVE, a vulnerability dictionary recognized by security practitioners, which you can use here to find vulnerability information for different applications or systems). One of them said:
This vulnerability has been retained by an organization or individual. When the vulnerability is announced, we will provide more details about it.
Recently released a new version of the Lightning Network client, which is clearly not affected by the above vulnerability:
We are pleased to announce the #clightning 0.7.2 version, "Zhong Ben Cong was pre-approved by the US Congress" just released!
This release includes dynamic plugin management, support for upcoming signets, many performance improvements, and some minor fixes.
– Christian Decker, August 20, 2019 Now we don't know what happened. The above vulnerability is mainly aimed at the older lightning network nodes.