New research: Bitcoin Lightning Network could have multiple security holes

To make Bitcoin more scalable, Joseph Poon and Thaddeus Dryja created the Lightning Network in 2016. The project improves scalability by creating a second layer on the Bitcoin blockchain, and significantly increases transaction speed, as transactions do not require confirmation from all nodes on the network.

lightning-1625550_960_720

Image source: pixabay

However, after a formal security audit last September, the network was found to have multiple vulnerabilities.

Blockchain technology company Blockstream and some of its enterprise projects have been actively involved in the development of the Lightning Network. They even developed a C-lightning implementation of the network in C.

Recently, Christian Decker, a researcher at Blockstream, and Utz Nisslmueller, Klaus-Tycho Foerster, and Stuttgart in the Department of Computer Science at the University of Vienna A research paper was co-authored by Stefan Schmid.

Considering how the Lightning Network uses Gossip algorithms and detection mechanisms to support nodes, this paper investigates whether these mechanisms can be used to access sensitive transaction data.

This paper proposes two attack methods: probing attack and timing attack.

A probe attack is an attempt by a malicious participant to proactively determine the maximum amount of money that can be transferred on a connected target channel. A timed attack is defined as an attack that an attacker attempts to take to find out how long it takes for a routed payment to actually reach its destination.

The research paper shows that as long as "only one channel's balance is lower than or equal to the second lowest balance on the route from the attacking node", it is practical to track payment on any node's reachable channel from the attacking node.

However, researchers also point out that nodes that call themselves private can prevent broadcasts via Gossip, which can be useful for mobile wallets or nodes with limited runtime, such as personal computers.

In addition, although the research team believes that due to the nature of Lightning Network routing, it is impossible to find out the time to the original payment source, they also found that the timing attack "has generated uniformity on the local network with almost no external interference Results of the distribution. "

This research shows that the off-chain routing mechanism of the Layer 2 expansion solution can be used to obtain the status of the private information network, which may pose a threat to end users, because most users connect to a single, well-connected node in order to communicate with Other users interact.

With the continuous development of the Lightning Network, these problems are expected to be resolved, allowing the Bitcoin blockchain to expand and meet the requirements for large-scale adoption.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

The volatility product "Turtle Bunny Card" is available, is the coin derivative a devil or an angel?

On May 30th, Dr. George Cao, founder and CEO of BitMax.io, visited the ChainNode live room and talked to Babbitt edit...

Blockchain

Korean or Korean? Bittrex Dreams New York

In June 2015, the New York Financial Services Department (NYDFS) became the first pioneer to develop a regulatory fra...

Blockchain

Fake foreign exchange platform to enter the currency circle: reverse shouting, tampering with data, investors become the biggest victims

After the spread of money and funds, there has been a new routine in the currency circle – a false exchange. Pu...

Blockchain

Graphic dismantling: Where did FCoin assets go? Is there a problem with the funding chain in 2018?

Author: PeckShield, the original title "graphic dismantling FCoin assets to its heyday already noticeable declin...

Policy

FTX Customers Buckle Up! $9B Shortfall Claim Payout Expected to Roll Out by Mid-2024

Good news for fashion lovers! FTX has reached a settlement with their debtors and creditors, potentially returning $9...

DeFi

LK Venture Research Report | Telegram vs Twitter Who will dominate the super application race in the Web3 era?

Original author LeoDengSummary X and Telegram are globally renowned social media platforms that are exploring in the ...