Bitcoin's Lightning Network Faces Existential Risk in "Flood and Loot" Attack
Two Bitcoin researchers have just proven that a previously well-known vulnerability on Bitcoin’s Lightning Network could earn hackers a pretty penny.
- Only nodes that accept the attacker’s requests to open a new payment channel are vulnerable.
- Prior to the publication of their research paper, 95% of LN nodes were willing to open channels with unknown nodes.
- The research paper was shared with the main developers of three LN implementations before it was publicly available.
Share this article
Two cryptocurrency enthusiasts from the Hebrew University in Israel tested a known attack vector involving Hash Time-Locked Contracts on the Lightning Network. They concluded that attackers could use these vulnerabilities to perform profitable attacks on unsuspecting victims.
What Is the “Flood and Loot” Attack?
The researchers, Jona Harris and Aviv Zohar, note that these vulnerabilities are inherent to the way HTLCs work, and avoiding this attack is impossible.
For the uninitiated, HTLCs are a form of cryptographic defense mechanism that lets payment receivers and senders eliminate counterparty risk while using the Lightning Network, or at least that was the original intent.
The attack enables a malicious actor to siphon Bitcoin from many victims simultaneously by overloading their channels and the lightning network’s capacity.
“We show that only 85 simultaneously attacked channels are enough to guarantee that the attacker gets away with some money,” said one of the researchers in a blog post.
The victim cannot defend itself against the attack either. The cost of failing the attack is negligible, as the attacker only spends the transaction fees and no other assets in the process.
The attacker starts by opening as many payment channels with victims and sends transactions to another node that the hacker owns.
Then at a time when Bitcoin transaction fees are high, the attacker accepts the transactions on one end but doesn’t deliver the HTLC owed amount on the other, forcing the victim to go to the blockchain to collect his fair share.
However, because the Bitcoin blockchain is congested and the attacker can change the fees he pays for his transactions, he can outbid the victim in a race to claim the HTLC.
If the attacker is successful, the blockchain treats the transaction as if it never happened, and returns all funds to the attacker.
The End of Bitcoin’s Lightning Network?
The researchers began studying this particular vulnerability after Bitcoin developer Matt Corallo discovered it on Apr. 21, 2020. Users on Twitter are expressing a mixture of disbelief, disappointment, theories on possible solutions, and accolades for the researchers.
Very good attack. It seems that the right near term solution is to strictly limit number of inflight HTLCs? I wonder if LN implementations are able to queue up HTLC requests by value so each payment can take its turn through a channel. https://t.co/wSr0uWmPM4
— Zero-Knowledge Goof (@LLFOURN) June 28, 2020
Solving this issue is vital for keeping the Bitcoin’s dreams of a speedy layer 2 solution alive.
Already, Ethereum is showing greater promise in this regard. As of last week, 10,000 synthetic BTC have merged into the growing DeFi space.
The future nonetheless looks bright for Bitcoin. Jona Harris told Crypto Briefing that:
“I believe the Lightning Network is here to stay. The community is aware of it and continuously works on improving the protocol.”