Researchers discover vulnerabilities in BTC Lightning Network

137
2
Researchers discover vulnerabilities in BTC Lightning Network

The researchers at the University of Illinois have discovered vulnerabilities in the BTC Lightning Network that could result in the theft of 750 BTCs, roughly $18 million. Cosimo Sguanci and Anastasios Sidiropoulos have published a paper in which they explained the vulnerability in the Layer 2 network, using a hypothetical case where malicious nodes can collude for an attack.

A zombie attack is a form of vandalism that congests the network and makes the lightning network unusable, according to the paper.

A zombie attack is a scenario in which some of the nodes are unresponsive, thereby locking funds linked to these nodes.

The paper stated that the only way to defend against this attack would be for the honest nodes to close their channel and return to the Bitcoin Layer 1 network. It's going to cost a lot in transaction fees.

Another type of mass exit attack discovered by the researchers is the double-spend attack. The attack would require the cooperation of several malicious nodes to overload the Bitcoin Layer 1Blockchain with fraudulent closing transactions.

If the attackers can pay the high fees resulting from network congestion, they will be able to skip the queue and double spendBitcoin.

This attack is only possible if there is a flaw in the configuration of one of the Lightning Networks watchtowers.

The justice transactions are used for regular transactions, and the watchtowers keep tabs on the state of the Lightning Network.

It is easy to ascertain fraudulent channel closing requests if all watchtowers are working effectively.

A poorly maintained watchtower can provide a perfect entry point for a mass double-spend attack, which could affect the victims.

A double spend attack would be disastrous for the network.

The researchers wrote that a double-spend attack could be the most catastrophic if it happens.

They said that the severity would only increase as the network continues to develop, so they needed to deal with the vulnerabilities quickly and immediately.

They recommended the careful configuration of watchtowers. They should be able to monitor layer 1 congestion and respond aggressively in the case of high congestion, according to the paper.

The revelation adds to the list of other vulnerabilities on the network, such as a Griefing attack, Flood and Loot, Time Dilation Eclipse, and Pinning.

Despite these vulnerabilities, malicious players have not been able to exploit the network.