Study: Bitcoin Lightning Network Could Have Security Vulnerabilities

Recently, Blockstream researcher Christian Decker co-authored a research paper with Utz Nisslmueller, Klaus-Tycho Foerster, and Stefan Schmid from the Department of Computer Science at the University of Vienna. The paper states that considering how the Lightning Network uses gossip and detection mechanisms to support nodes, this article It is studied whether these mechanisms can be used to access sensitive transaction data, and two attack methods are proposed: detection attack and timing attack. A detection attack refers to a malicious actor attempting to determine the maximum transmission amount that can be transmitted on a connected target channel through active detection. A timed attack is defined as how close a hacker is trying to find out where the routed payment is actually located. Research papers show that as long as "only one channel has a balance lower than or equal to the next lowest balance on the route from the attacking node", it is possible to track channel payments on any node arriving from the attacking node.