A study released on June 29 revealed a way to pull money out of Bitcoin (BTC) wallets on the Lightning network and take advantage of a bottleneck in the system.
According to the research article “Flood Loot: A Systemic Attack on the Lightning Network,” Jona Harris and Aviv Zohar from the Hebrew University of Israel, They assessed a systemic attack on the Lightning network that could be used to drain funds in BTC that were blocked in the payment channel.
Overload the blockchain with simultaneous attacks
The lighting network is used to send payments through intermediate nodes that can be used to steal Bitcoin. This generally has to be done quickly. However, the effective time window could be extended if hackers overload the network.
For the attack to be successful, hackers would only have to attack 85 channels at a time to steal money from the network.
Details behind the attack
The researchers provided further details and found:
“The key idea behind Hash Time Locked Contracts (HTLC) is that once set up, the target node” fetches “payments from the previous node on the way by providing a secret (a model of a hash). Our attacker keeps a payment between his both own nodes and extracts the payment at the end of the way. He refuses to cooperate if the payment is finally extracted from the originating node and forces the victim to do so through a blockchain transaction. “
The article clarifies The study results were shared with developers of the three main Lightning implementations before the report was released.
Cointelegraph reported Vietnamese online ticketing agency Future.Travel now accepts Bitcoin payments via the Lightning Network. The credit will be converted into the local currency at the time of ticket sales.