The Lightning Network is a second layer solution of the Bitcoin network. In practice, it solves the scalability problems of the Bitcoin network. Unfortunately, a developer has just highlighted a flaw in the Bitcoin Lightning Network, and literally created a Circuit Breaker for it.
The Lightning Network hit by a critical flaw
The independent developer specialized in Lightning Network and Bitcoin, Joost Jager, discovered a flaw that affects one type of Lightning Network payment channel. Thus, according to his findings, it is possible to block channels “with negligible cost and no effort at all“.
In practice, it is the “wumbo” type channels that are involved. These channels make it possible to exceed the payment limit between two parties, initially set at the equivalent of $1,760. In total, these channels allow exchanges of around 5 BTC.
Details of the flaw
According to Jager, these channels can be attacked because they can’t contain more than 483 hash time-lock contracts at the same time, regardless of its capacity. Thus, an attacker has the possibility to send 483 micropayments, which will result in paralyzing the channel for a period of two weeks.
The worst thing about this story is the simplicity with which this attack is achievable. Thus, Joost Jager has demonstrated that it is possible to achieve it using a maximum route length and add loops to reach the maximum value of Lightning.
As a result, 5.8 million satoshi would be needed to paralyze a channel.
“If the script kid is lucky, they only need to send 54 payments to get it done. A single tiny channel takes double-digit amounts of #bitcoin out of business. »
Circuit Breaker, the protection tool
Of course, Joost Jager is a developer. He didn’t just stop at finding the flaw, he took the opportunity to directly create a tool to mitigate this problem.
That’s how Circuit Breaker was born. This tool acts as a firewall for the Lightning Network. In practice, it allows nodes to protect themselves against the massive influx of transactions aimed at flooding their hash time-lock contracts.
“Therefore I started a new project called Circuit Breaker: a firewall for Lightning nodes. The primary goal is to encourage thinking about this problem, with the potential to grow into a full-fledged Lightning protection system. ” – Joost Jager
Now let’s hope that developers of Lightning Network clients integrate this tool to ensure that the loophole is never exploited.