TL;DR: Hebrew University researchers found “a systemic attack on the Lightning Network that allows stealing funds that were locked in payment channels,” whereby an “attacker forces many victims at once to flood the blockchain with claims for their funds. He is then able to leverage the congestion that they create to steal any funds that were not claimed before the deadline.”
Lightning Network Vulnerable to a Systemic Flood & Loot Attack
However Lightning Network (LN) enthusiasts slice it, 2020 has not been a great year for the supposed answer to notorious BTC scaling issues. The second-layer, off-chain solution began the year with its LN torch being stolen. Not too much later, a company dedicated to building the system of funded channels confessed to wanting LN to be “like Visa.” And shortly after it celebrated its official 5th birthday, university researchers from Luxembourg, Norway, England, and the United States concluded privacy flaws were endemic to its very design.
Then, Square Crypto open source engineer Matthew Corallo disclosed an attack on LN which amounts to “a new method for stealing money from LN nodes.” Last month, Ethereum DeFi projects were found to hold 4 times the BTC locked in the Lightning Network. One of the best-known crypto debit services, BitPay, announced they would not support the second layer solution. If all that wasn’t enough, at the beginning of this month, Bitcoin Core developers connected to Chaincode Labs showed how time-dilation attacks “currently seem to be the most practical way to steal funds via an Eclipse attack for several reasons. Neither hashrate access is required nor the attacks are targeted at merchants only,” they insisted.
Now, researchers from The Hebrew University of Jerusalem, Jona Harris (Master of Science student) and Aviv Zohar, Associate Professor at The School of Engineering and Computer Science (and Chief Scientist at QED-it), have published the latest Lightning Network vulnerability, which they call “Flood & Loot.” “The consequences of the attack depend on the mix of Lightning implementations the attacker chooses to hit,” Harris and Zohar explain, showing “only 85 simultaneously attacked channels are enough to guarantee that the attacker gets away with some money (and this assumes there are no other blockchain transactions competing for space — which is a highly optimistic assumption).”
They’re careful to warn how their “attack can allow funds to be stolen from innocent users. Do not try it at home. Unfortunately, no obvious change to the protocol eliminates it entirely. The results of this work have been shared with developers of the three main Lightning implementations before publication,” Harris and Zohar note further. Essentially, the attack goes after Hash Time-Locked Contracts (HTLCs): the attacker controls two nodes and loads them with HTLC payments, and when the victim requests fund movement, the request is denied. The weight of so many unresolved HTLC payments simply makes recovery of funds unlikely, no matter how the victim tries to mitigate.
DISCLOSURE: The author holds cryptocurrency as part of his financial portfolio, including BCH.