Researchers discover vulnerabilities in Bitcoin layer-2 Lightning Network

2 years ago

Researchers at the University of Illinois have discovered vulnerabilities in the Bitcoin (BTC) Lightning Network that could result in the theft of 750 BTCs (roughly $18 million).

The two researchers, Cosimo Sguanci and Anastasios Sidiropoulos, published a paper in which they explained the vulnerability in the Layer 2 network using a hypothetical case where malicious nodes collude to carry out an attack.

“A coalition of just 30 nodes could lock the funds of 31% of the channels for about 2 months via a zombie attack, and could steal more than 750 BTC via a mass double-spend attack.”

Zombie attack

According to the paper, a zombie attack is a form of vandalism that congests the network and makes the Lightning Network unusable.

A zombie attack is a scenario where some nodes are unresponsive, thereby locking funds connected to these nodes.

The paper stated that the only way to defend against this attack would be for the honest nodes to close their channels and return to the Bitcoin Layer 1 network. But that will cost a lot in transaction fees.

Double spend attack

Another kind of mass exit attack discovered by the researchers is the double-spend attack. The attack would require the cooperation of several malicious nodes to overload the Bitcoin Layer 1 blockchain with fraudulent closing transactions.

If the attackers can pay the high fees resulting from the network congestion, they will be able to skip the queue and double spend Bitcoin.

But this attack is only possible when there is a flaw in the configuration of one of the Lightning Network's watchtowers.

Watchtowers' role

The watchtowers keep track of the state of the Lightning Network and store all data used for regular transactions, also called justice transactions.

Honest nodes will have to submit justice transactions to dispute the fraudulent requests, so if all watchtowers are working effectively, it is easy to ascertain fraudulent channel closing requests.

A poorly maintained watchtower can provide the perfect entry point for a mass double-spend attack, which could significantly affect the victims.

A double spend attack would be disastrous for the network

The researchers wrote that a double-spend attack could be the most catastrophic if it happens.

They added that the severity would only increase as the network continues to develop, hence the need to deal with the vulnerabilities effectively and immediately.

They concluded by recommending the careful configuration of watchtowers. “Ideally, they should monitor layer-1 congestion and react aggressively in the case of high congestion,” the paper noted.
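One way to read that recommendation as a watchtower fee policy, shown as an added example that is not taken from the paper or from any Lightning implementation: the justice transaction is priced to confirm within half of the blocks left before the dispute window closes, so the bid rises as congestion grows or the deadline nears. The mempool snapshot format, the function names, the 1,000,000 vB block size and the static-mempool model are assumptions made for illustration.

```python
BLOCK_VBYTES = 1_000_000   # assumed usable block capacity in virtual bytes
MIN_RELAY_FEERATE = 1      # sat/vB, used when the backlog clears in time


def backlog_blocks(mempool):
    """Blocks needed to clear the snapshot [(feerate_sat_vb, vbytes), ...]."""
    return sum(vbytes for _, vbytes in mempool) / BLOCK_VBYTES


def feerate_for_target(mempool, target_blocks):
    """Lowest fee rate that confirms within target_blocks, assuming miners
    take the highest-paying transactions first and nothing new arrives."""
    budget = target_blocks * BLOCK_VBYTES
    used = 0
    for feerate, vbytes in sorted(mempool, reverse=True):
        used += vbytes
        if used >= budget:
            return feerate + 1   # must outbid the bucket at the cutoff
    return MIN_RELAY_FEERATE


def justice_feerate(mempool, blocks_left, funds_at_risk_sat, tx_vbytes,
                    safety=0.5):
    """Return (feerate, target_blocks) for a justice transaction.

    Aims to confirm within `safety` of the remaining window and never bids
    more than the funds being defended."""
    target = max(1, int(blocks_left * safety))
    needed = feerate_for_target(mempool, target)
    cap = funds_at_risk_sat // tx_vbytes
    return min(needed, cap), target


# Constructed mempool snapshots (not real network data).
CALM = [(5, 400_000), (2, 300_000)]
CONGESTED = [(50, 3_000_000), (20, 4_000_000), (5, 10_000_000)]

if __name__ == "__main__":
    for name, pool, left in [("calm", CALM, 144), ("congested", CONGESTED, 20),
                             ("congested, near deadline", CONGESTED, 6)]:
        rate, target = justice_feerate(pool, left, 1_000_000, 200)
        print(f"{name}: backlog={backlog_blocks(pool):.1f} blocks, "
              f"bid {rate} sat/vB to confirm within {target} blocks")
```

The cap shows why low-value channels are the most exposed during congestion: when the fee rate needed exceeds what the channel holds, the policy cannot outbid the backlog.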

The new revelation further adds to the list of other vulnerabilities on the network, such as a Griefing attack, Flood and loot, time dilation eclipse, and pinning.

Meanwhile, despite these vulnerabilities, malicious players have been unable to exploit the network.

The post Researchers discover vulnerabilities in Bitcoin layer-2 Lightning Network appeared first on CryptoSlate.
