Researchers at the University of Illinois have discovered a vulnerability in the Bitcoin (BTC) Lightning Network that could lead to the theft of 750 BTC (approximately $18 million).
In their paper, the two researchers, Cosimo Sguanci and Anastasios Sidiropoulos, used a hypothetical case in which malicious nodes collude in an attack to illustrate the vulnerability of layer 2 networks.
A federation of just 30 nodes was able to lock 31% of funds in the channel for about two months via a zombie attack and steal over 750 BTC via a massive double-spending attack.
Zombie attack
According to the paper, a zombie attack is a type of vandalism that congests the network and renders the Lightning Network unusable.
A zombie attack is a scenario in which some nodes do not respond, resulting in the locking of funds connected to these nodes.
The paper states that the only way to defend against this attack is for honest nodes to close the channel and return to the Bitcoin Layer 1 network, but doing so costs a lot in transaction fees.
Double-spending attack
Another type of mass exit attack that researchers have discovered is the double-spend attack. The attack requires the cooperation of multiple malicious nodes to overload the Bitcoin Layer 1 blockchain with fraudulent closing transactions.
If attackers can pay a high fee amid the network congestion, they can skip the queue and double-spend Bitcoin.
However, this attack is only possible if the configuration of one of the Lightning Network's watchtowers is flawed.
Role of the Watchtower
Watchtowers track the state of the Lightning Network and store all the data used for normal transactions (also known as justice transactions).
Honest nodes have to submit justice transactions to dispute illegitimate requests, so illegitimate channel closure requests can be easily seen if all watchtowers are working effectively.
Poorly managed watchtowers can be prime entry points for mass double-spend attacks that can have a large impact on victims.
Double-spending attacks are devastating to networks
The researchers wrote that a double-spend attack could be the most devastating if it occurs.
They added that vulnerabilities need to be addressed effectively and quickly as they will only increase in severity as the network continues to develop.
They concluded by recommending careful organization of the Watchtower. Ideally, layer 1 congestion should be monitored and proactively responded to when congestion is severe, the paper notes.
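As an added illustration of the congestion monitoring recommended above (not code from the paper or from any Lightning implementation), the following Python estimates whether a pending justice transaction will confirm before its dispute window closes and, if not, what fee rate it should be bumped to. The mempool buckets, channel names, safety margin and the `blocks_left` deadline input are constructed assumptions.

```python
# Added example with constructed data; not code from the paper or any Lightning node.
BLOCK_VSIZE = 1_000_000   # vbytes per Bitcoin block (4,000,000 weight units / 4)
SAFETY_MARGIN = 6         # assumed policy: confirm at least this many blocks early

def blocks_until_confirmed(mempool, feerate):
    """Estimate blocks until a tx paying `feerate` (sat/vB) is mined.

    mempool is a list of (feerate, total_vsize) buckets. Simplifications:
    miners take the highest fee rate first, ties go ahead of us, and no new
    transactions arrive, so the estimate is optimistic during an ongoing flood.
    """
    ahead = sum(vsize for rate, vsize in mempool if rate >= feerate)
    return ahead // BLOCK_VSIZE + 1

def min_feerate_for_deadline(mempool, target_blocks):
    """Lowest fee rate that outbids enough buckets to confirm in target_blocks."""
    candidates = sorted({1} | {rate + 1 for rate, _ in mempool})
    for feerate in candidates:
        if blocks_until_confirmed(mempool, feerate) <= target_blocks:
            return feerate
    return candidates[-1]  # only reached if target_blocks < 1

def review_justice_txs(mempool, pending):
    """pending: list of (channel_id, current_feerate, blocks_left), where
    blocks_left is how many blocks remain before the dispute window closes."""
    actions = []
    for channel_id, feerate, blocks_left in pending:
        target = max(1, blocks_left - SAFETY_MARGIN)
        if blocks_until_confirmed(mempool, feerate) <= target:
            actions.append((channel_id, "ok", feerate))
        else:
            bumped = min_feerate_for_deadline(mempool, target)
            actions.append((channel_id, "bump", bumped))
    return actions

# Constructed congested mempool: (fee rate in sat/vB, queued vbytes at that rate)
MEMPOOL = [(100, 2_500_000), (50, 3_000_000), (20, 10_000_000), (5, 40_000_000)]
# Constructed pending justice transactions: (channel, current sat/vB, blocks left)
PENDING = [("chan-a", 20, 144), ("chan-b", 20, 10), ("chan-c", 20, 5)]

if __name__ == "__main__":
    for channel_id, action, feerate in review_justice_txs(MEMPOOL, PENDING):
        print(f"{channel_id}: {action} at {feerate} sat/vB")
```

With the same backlog, the channel with a long window is left alone while the two with short windows are flagged for a fee bump, which is the proactive response the recommendation describes.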
The new revelations add to the list of other network vulnerabilities, including griefing attacks, flood and loot, time-dilation eclipse, pinning, and more.
On the other hand, despite these vulnerabilities, malicious players were unable to exploit the network.