Researchers uncover vulnerabilities in Bitcoin layer-2 Lightning Network

Researchers at the University of Illinois have discovered vulnerabilities in the Bitcoin (BTC) Lightning Network that could result in the theft of 750 BTC (roughly $18 million).

The two researchers, Cosimo Sguanci and Anastasios Sidiropoulos, published a paper in which they explained the vulnerability in the layer-2 network using a hypothetical case where malicious nodes collude in an attack.

“A coalition of just 30 nodes could lock the funds of 31% of the channels for about 2 months via a zombie attack, and could steal more than 750 BTC via a mass double-spend attack.”

Zombie attack

According to the paper, a zombie attack is a form of vandalism that congests the network and makes the Lightning Network unusable.

A zombie attack is a scenario in which some nodes become unresponsive, thereby locking the funds connected to those nodes.

The paper stated that the only way to defend against this attack would be for the honest nodes to close their channels and return to the Bitcoin layer-1 network. But that would cost a lot in transaction fees.

Double-spend attack

Another type of mass exit attack discovered by the researchers is the double-spend attack. The attack would require the cooperation of several malicious nodes to overload the Bitcoin layer-1 blockchain with fraudulent closing transactions.

If the attackers can pay the high fees resulting from the network congestion, they may be able to skip the queue and double spend Bitcoin.

But this attack is only possible when there is a flaw in the configuration of one of the Lightning Network's watchtowers.

Watchtowers' role

The watchtowers keep track of the state of the Lightning Network and store all data used for regular transactions, also called justice transactions.

Honest nodes have to submit justice transactions to dispute the fraudulent requests, so if all watchtowers are working effectively, it is easy to identify fraudulent channel closing requests.

A poorly maintained watchtower can provide the perfect entry point for a mass double-spend attack, which could significantly affect the victims.

A double-spend attack could be disastrous for the network

The researchers wrote that a double-spend attack could be the most catastrophic if it happens.

They added that the severity would only increase as the network continues to grow, hence the need to deal with the vulnerabilities effectively and immediately.

They concluded by recommending the careful configuration of watchtowers. “Ideally, they should monitor layer-1 congestion and respond aggressively in the case of high congestion,” the paper noted.
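The recommendation above can be made concrete with a small simulation, added here as an illustration and not taken from the paper or from any Lightning implementation. It compares a watchtower that keeps a fixed feerate on its justice transaction with one that re-prices it every block against the observed layer-1 backlog; the block capacity, transaction sizes, flood shape, dispute window and the rule of never paying more in fees than the channel value at stake are all constructed assumptions.

```python
# Added illustration; not code from the paper or from any Lightning implementation.
BLOCK_VBYTES = 1_000_000   # simplified block capacity (constructed)
JUSTICE_VSIZE = 200        # assumed size of one justice transaction (vbytes)

def next_block_feerate(mempool, vsize=JUSTICE_VSIZE):
    """Feerate (sat/vB) needed to get into the next block.
    mempool: list of (feerate, vsize) for competing transactions."""
    used = 0
    for feerate, size in sorted(mempool, reverse=True):
        if used + size + vsize > BLOCK_VBYTES:
            return feerate + 1          # outbid the tx that would crowd us out
        used += size
    return 1                            # spare room: minimum feerate suffices

def mine_block(mempool, our_feerate, vsize=JUSTICE_VSIZE):
    """Fill one block by descending feerate; return (leftover mempool, confirmed)."""
    candidates = [(f, s, False) for f, s in mempool] + [(our_feerate, vsize, True)]
    used, leftover, confirmed = 0, [], False
    for feerate, size, ours in sorted(candidates, key=lambda c: -c[0]):
        if used + size <= BLOCK_VBYTES:
            used += size
            confirmed = confirmed or ours
        elif not ours:
            leftover.append((feerate, size))
    return leftover, confirmed

def static_policy(mempool):
    return 10                           # fixed feerate chosen before the congestion

def congestion_aware_policy(mempool):
    return next_block_feerate(mempool)  # re-price every block (fee bump)

def simulate(policy, value_at_stake_sat, deadline_blocks=20, flood=(50, 1000, 1500)):
    """Block height at which the justice tx confirms, or None if the dispute
    window expires first and the fraudulent close stands."""
    flood_rate, flood_size, flood_count = flood
    cap = value_at_stake_sat // JUSTICE_VSIZE   # never spend more than is recovered
    mempool = []
    for height in range(1, deadline_blocks + 1):
        mempool += [(flood_rate, flood_size)] * flood_count  # flood of closes arrives
        mempool, confirmed = mine_block(mempool, min(policy(mempool), cap))
        if confirmed:
            return height
    return None

if __name__ == "__main__":
    print("static fee:       ", simulate(static_policy, 1_000_000))
    print("congestion-aware: ", simulate(congestion_aware_policy, 1_000_000))
    print("tiny channel:     ", simulate(congestion_aware_policy, 5_000))
```

The third case shows the economic limit of fee bumping in this model: when the required feerate exceeds what the channel is worth, even a congestion-aware watchtower misses the window.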

The new revelation further adds to the list of other vulnerabilities on the network, such as a Griefing attack, Flood and loot, time dilation eclipse, and pinning.

Meanwhile, despite these vulnerabilities, malicious players have been unable to exploit the network.

Posted In: Bitcoin, Technology

Author: Traciwininger
