Lightning Network, a second-layer scaling solution built on top of the Bitcoin Network, has been found during its testing phase to have security vulnerabilities.
Software engineer Rusty Russell, posting on Twitter under TheRustyTwit, attached a report to the Lightning Network developers saying “security issues have been found in various lightning projects which could cause loss of funds”.
Upgrade #lightning nodes please! c-lightning < 0.7.1, lnd < 0.7, eclair <= 0.3 vulnerable:https://t.co/4E2hHUy386
— TheRustyTwit (@rusty_twit) August 30, 2019
While giving no details beyond the codenames of the effected releases, the network coder added that full details would be released in four weeks and suggested the developers upgrade “well before then”.
The Network
Bitcoin’s Lightning Network – first proposed in 2015, white paper published in 2015 by Joseph Poon and Thaddeus Dryja – was built to address scaling problems on the original Bitcoin Network to enable faster payment transactions.
Security vulnerabilities have been reported before: in March 2018 when the Lightning Network faced a distributed denial of service (DDoS) attack that overloaded and put out of action around 200 of the more than 1,000 operational nodes. Developer Peter Todd had earlier predicted the network could be vulnerable to such attacks.
