In 2016, Joseph Poon and Thaddeus Dryja proposed the Lightning Network to make Bitcoin more scalable. This creates a second layer on the top of the Bitcoin blockchain that improves scalability as well as improves the speed of transaction as it will no more be needed to be approved by all the network nodes. However, last year in September, various vulnerabilities were found in the network after the formal security audit.
Blockstream, the Blockchain technology firm has been an active participant in the development of Lightning Network which developed c-lightning, the implementation of Liquid Network in the C programming language. Lately, a researcher at Blockstream, Christian Decker, along with other faculty members of the Computer Science department at the University of Vienna, created a research paper. Other authors of the research paper were, Klaus-Tycho Foerster, Utz Nisslmueller, and Stefan Schmid.
A Threat For Lightning Network End Users
As the LN uses gossip and probing mechanisms for supporting the nodes, the research paper examined whether these mechanisms could be exploited in order to get access to transaction data. The reports introduced probing attacks and timing attacks.
The paper described the probing attack as an attempt by the malicious actor to determine the maximum amount that can be transferred across a connected target channel. When the hacker tried to determine how close is the destination of the routed payment, it is defined as a timing attack.
According to the research papers, it is possible to track the channel payment on any node that is reachable from the attacking node as long as it has only one channel which is equal or lower to the second-lowest balance on the attacking node route.
To prevent being broadcasted through gossip, nodes can declare themselves as private, which will not only be useful for mobile wallets but for personal computer and node with limited uptime also, noted the researchers.
The papers further imply that it is possible to exploit the off-chain routing mechanisms of layer-2 scaling solution in order to acquire the private information about the network’s state. Since most of the individuals are connected to a single node, it could be a threat to end-users.
As the Lightning Network continues to develop, these issues will get improved hopefully enabling the blockchain to scale further.