Lightning Network found to not be as secure as some thought

Getting your Trinity Audio player ready...

Despite having over two years of development behind it, the solution created by Bitcoin Core (BTC) developers to handle transactions, the Lightning Network, is still in the experimental phase. Last Friday, a coder revealed that some nodes could have serious vulnerabilities that would result in the loss of users’ money. The news follows a report from early last year that the network was anything but secure.

According to a tweet by Australian software developer, as well as BTC Lightning programmer, Rusty Russell, immediate upgrades are needed. The vulnerabilities are found in “various lightning projects which could cause loss of funds.” He asserts that all nodes need to upgrade in order to make the entire network secure.

Upgrade #lightning nodes please! c-lightning < 0.7.1, lnd < 0.7, eclair <= 0.3 vulnerable:https://t.co/4E2hHUy386

— TheRustyTwit (@rusty_twit) August 30, 2019

Russell didn’t go into detail about what the issues are, but more details are expected to be released within the next month. He linked to a report he published on linuxfoundation.org about the vulnerabilities, adding that they center on “CVE-2019-12998 c-lightning < 0.7.1,” “CVE-2019-12999 lnd < 0.7” and “CVE-2019-13000 eclair <= 0.3.”

BTC developers first started discussing an alternative for transactions years ago, ultimately coming up with the Lightning Network in February 2015. The reason for the secondary network, they asserted, was because blockchain technology was incapable of handling large block sizes. As a result, on-chain scaling would be impossible and another solution was needed. However, the Lightning Network removes the bulk of the transaction from the blockchain, making it less than ideal and against the mantra that is Bitcoin.