Vulnerability Strikes Lightning Network

Sead Fadilpašić
Last updated: | 1 min read

A vulnerability in LND versions 0.10.x and below has been found and disclosed to the Lightning Labs, the developer of the Lightning Network.

Source: Adobe/cherylvb

The Lightning Network team, which is working on scaling and speeding up Bitcoin (BTC) transactions, has been warned of a vulnerability in their Lightning Network Daemon (LND). Per GitHub, LND is a complete implementation of a Lightning Network node. In its current state, it’s capable of creating and closing channels, managing channel states, performing path finding within the network and passively forwarding incoming payments, etc.

“While we have no reason to believe these vulnerabilities have been exploited in the wild, we strongly urge the community to upgrade to [LND] 0.11.0 or above ASAP,” wrote engineer Conner Fromknecht in the Lightning Network developer channel.

While the vulnerability has been disclosed, full details, said the engineer, will be disclosed on October 20. “We will be publishing more details about this in the coming weeks along with a comprehensive bug bounty program,” he added.

Meanwhile, as reported earlier this year, in February, Lightning Labs said it started beta testing its first paid product, Lightning Loop, the aim of which is to improve transactions on the Bitcoin network.

In June 2019, the team released their first Lightning Mobile App, describing it as “the first [Bitcoin] mainnet app on all major mobile and desktop platforms.”

____

Learn more: The Lightning Network: Challenges and Solutions