Bitcoin coin in front of lightning

The unsecure Lightning Network as BTC’s layer 2 scaling protocol

This post originally appeared on ZeMing M. Gao’s website, and we republished with permission from the author. Read the full piece here.

University of Illinois researchers have discovered a vulnerability in Bitcoin’s most popular second layer scaling protocol, the Lightning Network. Cosimo Sguanci and Anastasios Sidiropoulos published an academic paper describing a hypothetical attack based on a collusion of node operators. At the time of publication, they estimated that a coalition of 30 nodes could steal 750 bitcoin ($17 million). – Researchers discover critical Bitcoin Lightning Network vulnerability

This is good research. The result is not surprising. But I should put in a side note.

The question of “how many nodes would it take to form a collusion to steal how much money?” is not even the most important inquiry. A purely mathematical frame of this kind of an inquiry may have academic value but is of less practical value.

The much more important question is, take the system as a whole, how likely are the nodes to actually collude? This question reveals the real differences between different networks. And Lightning Network is a separate network, not a second layer of the same Bitcoin network.

“System as a whole” means to consider all networking attributes, including connectivity, communications, required transparency and competitive economics between the nodes; the alignment of interests; nodes transparency to the public; retribution mechanisms, etc.

Each of the above requires deep understanding of the system to evaluate.

For example, the “alignment of interest” bears on whether a node is more incentivized to cheat than to be honest, whether nodes’ normal business interest is both significant enough to secure honest dedication and sufficiently separated from the transactions to shield temptations, whether the economics of collusion makes sense for the nodes, etc. With a system that is human and economic in nature, all of these questions go well beyond abstract mathematical concerns.

And that is where Lightning Network (LN) is fundamentally different from Bitcoin mining nodes.

The Bitcoin mining nodes operate according to PoW and Bitcoin consensus, which together make it very hard (even economically nonsensical) for major mining nodes to be anonymous and collude with each other. In contrast, the Lightning Network is a completely unblockchain no-proof-of-anything random hopping network.

Inefficiency and noncompliance with the law are only part of LN’s problems. The security of the Lightning Network is even worse than the common non-blockchain centralized systems. But even that in itself is not the biggest problem with LN. The even bigger problem is the pretense and untruth. Lightning Network places itself under the Bitcoin blockchain umbrella, and pretends to offer a secure blockchain solution when its security is even worse than a non-blockchain solution.

As a result, the fact that Lightning Network is a separate network not a layer 2 (L2) of the same Bitcoin network is largely unknown. The market is ignorant of such critical matters. Even the development community is oblivious to it.

Untruth is the biggest threat to today’s society and economy, even worse than incompetence. 

However, it should be noted that the above quoted paper refers to BTC as Bitcoin. The real Bitcoin according to Satoshi’s Bitcoin whitepaper is Bitcoin Satoshi Vision (BSV), not BTC Core (BTC). BSV is the only Bitcoin blockchain that has unbounded scalability on layer 1 and does not suffer such vulnerabilities. BSV supports L2 solution such as genuine Bitcoin payment channels and overlay networks for special applications. But these are all part of the Bitcoin network not vulnerable separate networks. Other than that, even micropayments can be placed directly on chain. See Payment channels and Why couldn’t BTC also use payment channels?

This is important because it relates to the overall network integrity.

Think about the Internet itself as an analogy. There is only one Internet based on one base protocol TCP/IP. There are many applications, but they don’t each form its own network, yet claim to have the same Internet properties; and there are also many overlay networks such as VPNs, but these overlay networks are a part of the same Internet conducting Internet-protocol-based communications using encapsulation and virtualization. They’re not separate networks doing “rollups” or “hops” with only occasional perfunctory “settlement” on the Internet.

But more importantly, these apps and networks don’t exist just to make the Internet scalable. The Internet itself is scalable. It just needs to be further enriched by useful applications.

That is a right structure and that’s why the Internet has been so successful.

But look at what we’ve got with cryptocurrencies, after multitrillion dollars.

Blockchain today is what Internet was in early 1990s, except that blockchain suffers much deeper entrenchment caused by ICO’s and NFT’s. With some exceptions, cryptocurrencies and their cousins NFTs are the biggest enemy of Blockchain because they mislead capital and brainpower to build houses on wrong foundations while the true foundational work is ignored and even attacked. But it is changing. Slowly at first.

A far better new Internet with IPv6 and blockchain integrated at the base layer is emerging. We encourage more able-minded people to lift up your eyes and look into the right direction. Watch the IEEE presentation on IPv6 and blockchain integration.

Watch: The BSV Global Blockchain Convention panel, Blockchain mining & energy innovation

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.

[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]
[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]