Lightning network recent vulnerability and flash upgrade
By Inkarias - 2020-10-09
A vulnerability in LND versions 0.10.x and below has been found and disclosed to the Lightning Labs, the developer of the Lightning Network. For reminder , the main goal of the lightning network is design a payment protocol that can be used as an off-chain solution to the scalability problem encountered by the Bitcoin Blockchain regarding the number of transactions per second, but the concept could also be applied to other crypto -coins in general. The introduction of the Lightning Network stems from the limitations that not only Bitcoin, but many other cryptocurrencies face even today after years of development. The inherent growth of the crypto interest from users across the world generates an increasing utilization of main networks and thus require long term solutions.
A vulnerability found and mandatory upgrade
The Lightning Network team, which is working on scaling and speeding up Bitcoin transactions, has been warned of a vulnerability in their Lightning Network Daemon (LND). Per GitHub, LND is a complete implementation of a Lightning Network node. In its current state, it's capable of creating and closing channels, managing channel states, performing path finding within the network and passively forwarding incoming payments and even more actions across the network.
Conner Fromknecht , an engineer working on the solution stated : "While we have no reason to believe these vulnerabilities have been exploited in the wild, we strongly urge the community to upgrade to [LND] 0.11.0 or above ASAP[…]We will be publishing more details about this in the coming weeks along with a comprehensive bug bounty program," In June 2019, the team released their first Lightning Mobile App, describing it as “the first bitcoin mainnet app on all major mobile and desktop platforms.” to simplify the transactions system and help the community.
More details on this vulnerability can be seen https://lightning.network/