Another vulnerability found in the Bitcoin Lightning Network
A vulnerability has been discovered in the Bitcoin Lightning Network node software. It is understood that the flaw was recently discovered with Lightning developer Conner Fromknecht disclosing this in the project’s mailing list on October 9 in which node operators were advised to upgrade their software as soon as possible.
Details regarding the vulnerability have been sketchy with the disclosure not revealing the extent of the recent flaw. The bug has already been fixed with the version 0.11 of the Lightning Network.
This version was released in late August and contained the update with most Lightning node operators already upgrading to v0.11.0. The Lightning team also revealed that full details of the bug would be released on October 20.
Lighting Labs also announced plans for a bug bounty program where developers will be rewarded with monetary incentives to discover future bugs.
Second critical bug in the Lightning Network
The bug discovered on the Lightning Network calls into question the security of the popular Bitcoin network. Lightning Network is currently developing a second layer payment protocol that would enable faster and cheaper transactions on the Bitcoin network.
This would be the second major vulnerability found in the Lighting node software following the discovery of an initial bug last year by Bitcoin developer Rusty Russell. The bug allowed attackers to steal funds by sending invalid transactions.
Although Lightning Labs never revealed how many users fell for the exploit, it is confirmed that the vulnerability was exploited by hackers. These bugs are thought to be due to short lived programming updates and not core security issues that are fundamental to the design of lightning itself.
Lightning Network is regarded as one of the best protocols that can integrate a better way to speed up Bitcoin transactions and reduce transaction fees. It has been adopted by major crypto companies like Bitfinex and CoinGate and is seen as one that can generate adoption within the crypto industry.
Despite this, Lightning Labs has always told users to be cautious about the amount of money that they put into the project claiming that the project is still in its early phases.