Skip to main content

Lightning Network Exploits Continue to Hinder the Bitcoin Scaling Solution

Lightning Network Exploits Continue to Hinder the Bitcoin Scaling Solution

While bitcoin has run-up to all new price highs in 2020, a great number of crypto supporters have been complaining about the mempool backlog and the high fees needed to send a transaction. Meanwhile, the Lightning Network is far from seeing widespread adoption, and a number of attack vectors have been revealed this year.

At the time of publication, the Bitcoin (BTC) mempool (backlog of transactions) shows 113,000+ unconfirmed transactions and the backlog hasn’t been this high since 2017. When the bull run took place three years ago, transaction fees and unconfirmed transactions shot through the roof. Currently, according to bitcoinfees.cash data on October 31, the next BTC block fee is $10.77 and the current median fee is $6.43.

Even with the high fees and the mempool clog, the greater bitcoin community is still transacting mostly onchain. The Layer 2 protocol built on top of Bitcoin called the Lightning Network (LN) was supposed to ease the problems, and it was assumed people would shift to the LN solution. However, this never came to fruition, as the LN software has been considered too difficult for the average user, many apps are custodial, and there have been numerous vulnerabilities disclosed this year.

Even though the LN total-value-locked (TVL) in 2020 has been at an all-time high ($14.3M), it hasn’t come close to the over $2 billion worth of bitcoin (BTC) held on Ethereum. The attack vectors have also been making crypto advocates leery of the Layer 2 protocol, as there’s been a number of vulnerabilities disclosed. For instance, Joost Jager, an independent Bitcoin and Lightning Network engineer tweeted about one on Sept. 22.

“Lightning is great, but can’t say it is battle-tested,” said Jager. “If script kids would be interested, they could take down those shiny new 5 BTC wumbo channels with negligible cost and no effort at all.” The fact that any script kiddie could leverage the ‘griefing attack’ to take down those 5 BTC channels, with very little effort, is quite discouraging.

The Bitcoin (BTC) mempool (backlog of transactions) shows 113,000+ unconfirmed transactions on October 31, 2020.

Moreover, the researchers Jona Harris and Aviv Zohar recently published a paper called: “Flood & Loot: A Systemic Attack On The Lightning Network,” which is similar to the griefing attack.

“One of the risks that were identified early on is that of a wide systemic attack on the protocol, in which an attacker triggers the closure of many Lightning channels at once,” explains the paper’s authors. “The resulting high volume of transactions in the blockchain will not allow for the proper settlement of all debts, and attackers may get away with stealing some funds. This paper explores the details of such an attack and evaluates its cost and overall impact on Bitcoin and the Lightning Network.”

Furthermore, on June 2, 2020, Antoine Riard and Gleb Naumenko published a paper on another Lightning Network vulnerability called the “time-dilation attack.” One scary fact that Naumenko and Riard disclose about the time-dilation attack, is that it is “currently possible to steal the total channel capacity by keeping a node eclipsed for as little as 2 hours.”

Not too long after that issue, Antoine Riard recently discussed another susceptible exploit called the “Pinning Attack.” Riard notes that to the best of his knowledge, “currently deployed LN peers aren’t secure against [certain Pinning Attack] scenarios.” One particular scenario “requires heavy, long-term work at the base layer,” Riard stressed.

The Lightning Network has been around for quite some time, but these vulnerabilities and exploits combined with how unfriendly the user experience is, it hard to imagine the second layer solution catching on.

Of course, some of the exploits are more costly than other attacks, and engineers are working on solutions to fix these issues. However, many Lightning Network skeptics don’t believe the LN protocol will ever be ready, as one individual noted on Twitter:

Even if that were a success (by 2051, with one-third of the buyers already dead of old age) Lightning Network would STILL be vulnerable to Flood and Loot attack, and trivial DDOS at the protocol level. Lightning Network is no solution whatsoever.

What do you think about the Lightning Network vulnerabilities disclosed this year? Do you think it’s a good scaling solution? Let us know what you think in the comments section below.

The post Lightning Network Exploits Continue to Hinder the Bitcoin Scaling Solution appeared first on Bitcoin News.



from Bitcoin News https://ift.tt/3mGmODQ
Labels:

Comments

Post a Comment

Popular posts from this blog

Deep Web Roundup: Dream Adds Monero and Bitcoin Tumbler “Chip Mixer” Launches

The darknet has been quiet of late, which is the way it’s meant to be. No news means no mega busts, honeypots, or mass market shutdowns. Even when it’s out of the spotlight though, the deep web is quietly making news, whether trialling the latest privacy coins or the newest coin mixers that promise to restore a little of the privacy that’s being stripped away from bitcoin users on a daily basis. Also read: U.S. Agency ICE Conducts Investigations That Exploit Blockchain Activity The Battle for Privacy Heats Up Privacy is all relative, but of late there’s been relatively little privacy to be enjoyed by bitcoin users. Blockchain monitoring software is becoming more sophisticated and more common, with U.S. law enforcement agencies using it to profile and hunt down deep web users. Chip Mixer is a relatively new bitcoin tumbler that’s designed to restore some of that privacy. Available on both the clearnet and darknet, the service uses a variety of techniques to obfuscate blockchain m
10 comments
Read more

Custodial Lightning Network Service Attack Discovered by LN ‘Newbie’ — Hacker Strikes 6 LN Custodians

On September 18, a Redditor posted to the r/bitcoin forum and explained how he discovered a way to “attack [the] lightning Network’s custodial services.” The Reddit account dubbed “Reckless Satoshi” wanted to figure out if a “discrepancy between real routing fees and service’s transaction fee can be exploited for a profit.” The researcher disclosed that he wanted to see how large the damage could be and said “it is bad.” 6 Lightning Network Custodial Services Attacked, Researcher Discloses Findings to Offenders Prior to Public Disclosure A Redditor called Reckless Satoshi published a disclosure post on r/bitcoin this past Saturday and disclosed how he had found a vulnerability with routing fees and some of the Lightning Network’s custodial services. The research attack was done in good faith and after it was complete he disclosed the bugs to the offending services before publishing his findings. Reckless Satoshi used the Lightning Network (LN) attack on six different services incl
Post a Comment
Read more

International Crypto Exchange Luno Adds Bitcoin Cash Trading

Luno exchange has added bitcoin cash trading to the platform following feedback from its client base. BCH is now only the third cryptocurrency available for trading on the exchange, in addition to BTC and ETH , but more options could be on the way once Luno determines that they are credible enough. Also Read: Bitflyer Adds Bitcoin Cash Trading Across Europe and the US Luno Adds Bitcoin Cash Trading Luno, the London-headquartered company formerly known as Bitx, recently announced that bitcoin cash was made available on its cryptocurrency exchange. Starting from Monday, September 23, customers at Luno are now able to store, buy and sell BCH on the platform. The reason given for adding BCH to the exchange is feedback from users in developing markets that convinced Luno to expand their offering from previously just BTC and ETH . Marcus Swanepoel, CEO of Luno, said , “We are in a new and exciting financial era. Developing economies are leading the large-scale adoption and appli
Post a Comment
Read more