Antoine Riard, a security researcher and developer, has announced his departure from the Lightning Network's development team, citing security issues and challenges that pose a threat to the Bitcoin (BTC) ecosystem.
In a discussion on the Linux Foundation's public mailing list, Riard expressed concerns about a new class of replacement cycling attacks, which have put the Lightning Network in a dangerous position.
The Lightning Network is a second-layer solution built on top of the Bitcoin blockchain, intended to enhance scalability and transaction efficiency.
It enables off-chain, peer-to-peer transactions by allowing users to open payment channels, conduct multiple transactions off-chain, and settle the final result on the Bitcoin blockchain.
However, the replacement cycling attack specifically targets these payment channels, exploiting inconsistencies between individual mempools to steal funds from participants.
"I think this new class of replacement cycling attacks puts lightning in a very perilous position, where only a sustainable fix can happen at the base-layer, e.g adding a memory-intensive history of all-seen transactions or some consensus upgrade," he wrote.
"Deployed mitigations are worth something in face of simple attacks, though I don’t think they’re stopping advanced attackers as said in the first full disclosure mail."
Riard emphasized the urgent need for a sustainable fix, possibly at the base-layer, such as adding a memory-intensive transaction history or implementing a consensus upgrade.
He acknowledged that addressing this issue might require changes to the underlying Bitcoin network, which would necessitate transparency and the support of the entire community.
This implies alterations to the processing
Read more on cryptonews.com