Bitcoin's Lightning Network Is Still in Its Early Days, and You Should Tread Carefully

For years Bitcoin developers have tried to change and improve BTC, focusing mainly on Bitcoin’s scalability issues. Through the SegWit upgrade developers were able to mitigate some of the problems, the main one being Bitcoin’s very low capacity to handle a large amount of transactions in the network.

Many agree that for Bitcoin to have a larger transaction capacity, a second-layer network is required, allowing transactions to be sent through an alternative network that is connected to Bitcoin. One such network is the Lightning Network.

The Lightning Network started being conceived in 2015 and was launched in early 2018. If you go Lightning Network’s official website it is listed as a solution that offers scalable, fast, and low-cost Bitcoin transactions. But there is one question that everyone needs to ask before committing BTC:

Is Bitcoin's Lightning Network Safe?

 Put simply, no. Although it might become secure in the future, the truth is that there is numerous evidence that proves the network is currently unstable and vulnerable.

The first case surged in March 2018 when the network suffered a DDoS attack, sending 200 nodes lightning nodes offline (roughly 20% of all nodes at the time). No major problems or losses were reported as a result of the attack and it can even be said that the attack was to be expected.

New open source projects are susceptible to bugs and exploits and a month prior to the attack Peter Todd, one of Bitcoin Core’s developers, had reported that the Lightning protocol could very well "prove to be vulnerable to DoS [denial of service] attacks in its current incarnation.”

For the next few months the network registered a considerable growth in the number of users. However, during that time a number of reports came to light suggesting that the network was centralized, vulnerable to data mining and censorship, expensive to set up (hence not profitable), hard to use, and would take up to 30 years or more to be ready.

Despite the many negative reports, no major hurdles or occurrences were announced during the middle of this year. This lasted until late August this year when the Bitcoin Core team issued a security alert, claiming the network had a major vulnerability that could lead to the loss of funds.

According to the full disclosure report published in September, the vulnerability was in the process of creating and funding a Lightning Network channel. It would seem that when lightning nodes accepted a channel they wouldn’t verify that the funding transaction output did indeed open the channel proposed. This would open doors to attackers claiming to open a payment channel but not paying its peers. The victims would only realize they had been tricked after closing the payment channel.

The next month of October, a research paper was published indicating yet another vulnerability. Although it is important to mention this vulnerability hasn’t yet been enacted, the paper suggests the possibility of a denial-of-service (DoS) attack that could be used to slow down or even stop a large percentage of payments on the network. In the same month, a Reddit user reported the loss of 4 Bitcoins during the time a lightning node was offline.

The example above clearly illustrates how the Lightning Network is still far from being a safe alternative. With time, however, the network may evolve from the testing stages to a fully working solution. The debate over when that’s going to materialize, either in 18 months or 30 years, is a heated one. Perhaps a more relevant debate is how much is the future of Bitcoin linked to the success and growth of the Lightning Network. Only time will tell.

Featured image via Pixabay.