Square developer finds Bitcoin Lightning exploit

Within a thread spanning across both lightning and Bitcoin developer mailing lists, Matt Corallo, Blockstream co-founder—and recent Square crypto hire—disclosed a potential Lightning Network attack vector.

Acting as a second layer solution to the scaling conundrum, the Lightning Network, aims to improve the privacy, pace, and cost of Bitcoin transactions. However, with development still underway, a few issues are starting to crop up. 

While reviewing a new aspect of the Lightning Network transaction mechanism, Corallo stumbled across an exploit that would theoretically allow users to extract funds held within the Hash Time-Locked Contract or HTLC. HTLCs are essentially smart contracts that require payment recipients to confirm the transaction by generating cryptographic evidence of payment or forgo the ability to claim the payment altogether. If payment isn't confirmed, the sender can claim a refund.

The attack enables recipients to deny the sender from receiving this refund. Corallo submits several fixes for this but suggests that none are particularly easy or "sane."

Nevertheless, the developer notes that this isn't a pressing issue as it's impractical to pull off the exploit. Still given that only one-tenth of Lightning Network nodes hold 80% of its Bitcoin, the exploit could cause more problems than first thought. 

Corallo's disclosure comes just weeks after several researchers unveiled fundamental privacy flaws within the Lightning network. After mounting numerous attacks against the network, researchers managed to analyze transaction movements and amounts, as well as their senders and recipients. 

But as Decrypt noted at the time, discovering this shortcoming early could be a good thing.