According to Trustnodes.com, August 31, Rusty Russell, developer of the Bitcoin Lightning Network, said:
Many lightning network related projects have security issues that can result in the loss of user funds.
In the post shared by the lightning network mailing list, he said that the "full details of the security issue will be announced within 4 weeks", presumably to prevent hackers from exploiting this vulnerability.
- Bitcoin fell 11% on two days, a generation of God machine ant mining machine S9 is in jeopardy
- Former Nasdaq Vice President David Weild: Digital Securities is the historic intersection of blockchain and finance
- Bloomberg: Bitcoin derivatives trading surged into speculators largest casino
- 23 central banks talk about CBDC, China may become the first issuer
- Raise $50 million! Licensed hedge fund company Nickel launches encryption arbitrage fund
- Kay Uncle commented: Have you lost money in the currency circle? Look for it to get back
Russell urged all users running the Lightning Network to upgrade and publicly stated:
Everyone should complete the upgrade within a period of time, and make sure that the version of the client you are running the Lightning Network c-lightning is < 0.7.1, lnd < 0.7, eclair <= 0.3, and these versions are very vulnerable.
There are currently three vulnerabilities reserved in the Common Vulnerabilities Disclosure (CVE, a vulnerability dictionary recognized by security practitioners, which you can use here to find vulnerability information for different applications or systems). One of them said:
This vulnerability has been retained by an organization or individual. When the vulnerability is announced, we will provide more details about it.
Recently released a new version of the Lightning Network client, which is clearly not affected by the above vulnerability:
(Source: Twitter)
We are pleased to announce the #clightning 0.7.2 version, "Zhong Ben Cong was pre-approved by the US Congress" just released!
This release includes dynamic plugin management, support for upcoming signets, many performance improvements, and some minor fixes.
– Christian Decker, August 20, 2019 Now we don't know what happened. The above vulnerability is mainly aimed at the older lightning network nodes.