Lightning Network's developers have discovered bugs in various versions of bitcoin's Lightning Network software that could cause users to lose funds.
September 11, 2019, | AtoZ Markets - The development team behind SegWitCoin (BTC) and it's Lightning Network- Bitcoin core has apparently had issues. Rusty Russell, who is a software programmer and has been involved with the project, uncovered vulnerabilities recently that could lead to the loss of cryptocurrency and sent out a warning to the community to upgrade the network’s nodes. However, a new report sheds light on the issue and reveals that the warning may have come too late. The vulnerabilities may have already been exploited.
Lightning Labs and ACINQ's CTO speaks about the vulnerabilities
Olaoluwa Osuntokun, the chief technical officer (CTO) for two startups tied to the Lightning Network - Lightning Labs and ACINQ published a statement about the issue on the Linux Foundation’s website yesterday. He proclaims that there are “confirmed instances” of the vulnerabilities have been exploited and, like Russell, urges node operators to upgrade as quickly as possible.
The Common Vulnerabilities and Exposures (CVE) affect Lightning Network nodes version 0.7 and below, as well as eclair nodes version 0.3 and below and c-lightning nodes version 0.7 and below.
As with all software in any environment, but particularly in financial settings, all linked applications should always be kept up to date.
Avoid the Lightning Network
Lightning Labs recognizes the vulnerabilities and cautions users to avoid the network. The company addressed that this is also a great time to remind folks that have limits in place to mitigate widespread funds loss at this stage.
In a tweet, they warned that there will be bugs and cautioned investors for putting more money on Lightning network to avoid losses.
The Lightning Network was introduced in December 2017 as the Core team decided that scaling the network was an impossible task. It has been stuck in beta testing since then and has been live on BTC’s mainnet since January of last year. Two years under beta seems like a ridiculously long time, but it proves that the solution is not as robust as developers had expected.
Moreover, the solution has been problematic from the start and has already been targeted in at least one dedicated denial of service attack. It tries to circumvent the integrity of the blockchain’s core protocols and doesn’t deliver the results intended.
Despite BTC developers’ belief that large blocks aren’t possible on any blockchain, the world already knows that this isn’t true, as Bitcoin SV’s (BSV) Quasar upgrade successfully led to blocks of two gigabytes being mined on the BSV blockchain.
Think we missed something? Let us know in the comments section below.