Will Heasman

Within a thread spanning across both lightning and Bitcoin developer mailing lists, Matt Corallo, Blockstream co-founder—and recent Square crypto hire—disclosed a potential Lightning Network attack vector.

Acting as a second layer solution to the scaling conundrum, the Lightning Network, aims to improve the privacy, pace, and cost of Bitcoin transactions. However, with development still underway, a few issues are starting to crop up. 

A $9,000 Bitcoin bet from 2013 just got settled
While reviewing a new aspect of the Lightning Network transaction mechanism, Corallo stumbled across an exploit that would theoretically allow users to extract funds held within the Hash Time-Locked Contract or HTLC. HTLCs are essentially smart contracts that require payment recipients to confirm the transaction by generating cryptographic evidence of payment or forgo the ability to claim the payment altogether. If payment isn't confirmed, the sender can claim a refund.

The attack enables recipients to deny the sender from receiving this refund. Corallo submits several fixes for this but suggests that none are particularly easy or "sane."

Nevertheless, the developer notes that this isn't a pressing issue as it's impractical to pull off the exploit. Still given that only one-tenth of Lightning Network nodes hold 80% of its Bitcoin, the exploit could cause more problems than first thought. 

Corallo's disclosure comes just weeks after several researchers unveiled fundamental privacy flaws within the Lightning network. After mounting numerous attacks against the network, researchers managed to analyze transaction movements and amounts, as well as their senders and recipients. 

But as _Decrypt_ noted at the time, discovering this shortcoming early could be a good thing.

Have a news tip or inside information on a crypto, blockchain, or Web3 project? Email us at: tips@decrypt.co.

bitcoin

bitcoin lightning network

exploit

privacy

sqaure and cash app

<span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Bitcoin (BTC) is a peer-to-peer cryptocurrency, originally described in a 2008 paper by the pseudonymous Satoshi Nakamoto. Launched in January 2009, it was the world’s first cryptocurrency, and remains the most popular, with the highest market capitalization of all cryptocurrencies.\r\n\r\nBitcoin was built on several key innovations. Firstly, Nakamoto guaranteed that Bitcoin transactions were immutable, by recording all transactions on a distributed ledger known as a blockchain. Secondly, he ensured Bitcoin’s scarcity by capping the total number of Bitcoin in existence at 21 million. Finally, the community was incentivized to verify transactions by receiving rewards in the form of “mined” Bitcoin for checking the accuracy of the blockchain.\r\n&quot;}" data-sheets-userformat="{&quot;2&quot;:803,&quot;3&quot;:{&quot;1&quot;:0},&quot;4&quot;:{&quot;1&quot;:2,&quot;2&quot;:14281427},&quot;8&quot;:{&quot;1&quot;:[{&quot;1&quot;:2,&quot;2&quot;:0,&quot;5&quot;:{&quot;1&quot;:2,&quot;2&quot;:0}},{&quot;1&quot;:0,&quot;2&quot;:0,&quot;3&quot;:3},{&quot;1&quot;:1,&quot;2&quot;:0,&quot;4&quot;:1}]},&quot;11&quot;:4,&quot;12&quot;:0}">Bitcoin (BTC) is a peer-to-peer cryptocurrency, originally described in a 2008 paper by the pseudonymous Satoshi Nakamoto. Launched in January 2009, it was the world’s first cryptocurrency, and remains the most popular, with the highest market capitalization of all cryptocurrencies.</span>

Bitcoin was built on several key innovations. Firstly, Nakamoto guaranteed that Bitcoin transactions were immutable, by recording all transactions on a distributed ledger known as a blockchain. Secondly, he ensured Bitcoin’s scarcity by capping the total number of Bitcoin in existence at 21 million. Finally, the community was incentivized to verify transactions by receiving rewards in the form of “mined” Bitcoin for checking the accuracy of the blockchain.

Bitcoin

Bitcoin (BTC) is a peer-to-peer cryptocurrency, originally described in a 2008 paper by the pseudonymous Satoshi Nakamoto. Launched in January 2009, it was the world’s first cryptocurrency, and remains the most popular, with the highest market capitalization of all cryptocurrencies.

Bitcoin was built on several key innovations. Firstly, Nakamoto guaranteed that Bitcoin transactions were immutable, by recording all transactions on a distributed ledger known as a blockchain. Secondly, he ensured Bitcoin’s scarcity by capping the total number of Bitcoin in existence at 21 million. Finally, the community was incentivized to verify transactions by receiving rewards in the form of “mined” Bitcoin for checking the accuracy of the blockchain.

The Lightning Network is a scaling solution. Image: Shutterstock.

<ul>
<li>A Square crypto developer finds lightning network exploits </li>
<li>The developer says there's no easy or 'sane" fix. </li>
<li>This follows recently unearthed privacy flaws within the lightning network. </li>
</ul>

In brief:

Insights into the biggest events shaping the crypto industry.

News

A developer for Square's crypto division has unearthed an exploit that allegedly enables money to be siphoned from Lightning Network Nodes.

Square developer finds Bitcoin Lightning exploit

A developer for Square's crypto division has unearthed an exploit that allegedly enables money to be siphoned from Lightning Network Nodes.

In brief:

Tips