Second Vulnerability in Bitcoin’s Lightning Network Discovered

2020-10-10 01:10

Developers have found a new vulnerability in the Bitcoin Lightning Network’s node software, according to a recently published disclosure notice.

Few Details Have Been Revealed

Lightning developer Conner Fromknecht disclosed the issue on Oct. 9 on the project’s mailing lists. The disclosure advises node operators to upgrade their software as soon as possible.

It is not clear how serious the vulnerability is. The disclosure does not reveal how the potential exploit works, though it does suggest that the vulnerability has not been exploited “in the wild. Furthermore, the bug has already been fixed: version 0.11 of the Lightning Network software solves the problem and was released in late August, which means that many Lightning node operators have already installed the fix.

However, the team notes that the vulnerability was discovered in such a way that the disclosure process has been shortened. Full details about the bug will be released on Oct. 20.

Lightning Labs also says that it will begin a “comprehensive bug bounty program” in the near future, meaning that there will be monetary rewards for those who discover future bugs.

Lightning Network Security in Question

The Lightning Network is a still-developing layer-2 payment protocol that operates on top of Bitcoin, enabling faster and cheaper transactions on the network.

This is the second time a vulnerability has been discovered in Lightning’s node software. Last year, Bitcoin developer Rusty Russell found a separate vulnerability that allowed attackers to steal funds by sending invalid transactions. Though Lightning Labs never announced how many users fell victim to the exploit, the team confirmed that the vulnerability was indeed exploited “in the wild.”

Both of these bugs concern short-lived programming oversights, not security issues that are fundamental to the design of Lightning itself. Many see Lightning Network as the most promising way to speed up Bitcoin transactions and reduce transaction fees. Major crypto companies like Bitfinex and CoinGate have adopted the Lightning Network without any apparent issues.

On the other hand, Lightning Labs itself has stated that the project is in its “early stages” and has advised users not to “put more money on Lightning than [they are] willing to lose.” As such, it is not clear whether the Lightning Network is truly ready for prime time.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Decentralized Vulnerability Platform (DVP) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0 - H: $0.0003303
Капитализация $0 Rank 99999
Цена в час новости $ 0.0259254 (-100%)

network discovered lightning bitcoin vulnerability second

network discovered → Результатов: 60


Фото:

EOS New York Exposes Duplicate Block Producers

EOS New York has put forward a worrying discovery about the network. It seems not all block producers are independent, and some of the positions are controlled by a central entity. Single Entity Registered Six BP Domains EOS New York has discovered that six of the current block producers are linked to a single entity, potentially taking away nearly a third of the network block production power.

2019-11-28 17:28


Фото:

$400M of Illicit XRP Transactions Discovered by Risk Management Firm

Elliptic, a firm specializing in risk management for cryptoassets, has discovered $400M in illicit XRP transactions. In total, it represents 0.2% of all transactions on the network. In a press release shared with BeInCrypto, Elliptic has just added XRP to its monitoring suite and has found hundreds of XRP accounts linked to scams and illegal […] The post $400M of Illicit XRP Transactions Discovered by Risk Management Firm appeared first on BeInCrypto.

2019-11-20 17:13


Фото:

Bitcoin’s Lightning Network has security vulnerabilities that could cause loss of funds

Security vulnerabilities have been discovered in “various” Bitcoin Lightning Network projects that have potential to cause users to lose their cryptocurrency. Those running Lightning Network nodes have been advised to upgrade their clients as soon as possible, including those related to popular wallet solution Eclair.

2019-8-30 14:47


Фото:

Microsoft: Russian government hackers are targeting IoT devices

Microsoft today warned that Russian government hackers have been using video decoders, printers, and internet of things devices to breach computer networks. In a blog post, the Microsoft Threat Intelligence Center wrote that the “devices became points of ingress from which the actor established a presence on the network and continued looking for further access.

2019-8-6 03:36


Data Breach Report From Instagram Raises Concerns About Upcoming Facebook’s Digital Currency

Facebook, the most popular social network in the world, has been affected by different data leaks over the last years. This has harmed users and individuals that had data stored on their platform. Now, the security researcher Anurag Sen discovered that there was a public Amazon Web Services (AWS) database that had the information of […]

2019-5-21 18:33


New Mac Malware Can Steal Crypto from Exchanges, Can it be Prevented?

Unit 42, the global threat intelligence team at Palo Alto Network, discovered Mac malware that can steal cookies linked to crypto exchanges and wallets. Although usernames and passwords may not be sufficient to initiate withdrawals at crypto exchanges, if hackers manage to steal a combination of login credentials, web cookies, authentication cookies, and SMS data, it could steal user funds.

2019-2-2 21:32


Фото:

Ethereum Vulnerability Could Have Allowed Attackers to Drain Hot Wallets

A recent vulnerability in the Ethereum network could have reportedly allowed hackers to gain massive profits from cryptocurrency exchanges which haven’t set up a Gas usage limit. A Critical Vulnerability A group of researchers discovered a vulnerability in Ethereum which allowed attackers to drain exchanges by burning their ETH on high transaction costs or to benefit directly by minting GasToken.

2018-11-27 02:00