Fun

Custodial Lightning Network Service Attack Discovered by LN ‘Newbie’ — Hacker Strikes 6 LN Custodians

News Feed - 2021-09-21 06:09:52

Custodial Lightning Network Service Attack Discovered by LN "Newbie" — Hacker Strikes 6 LN Custodians


On September 18, a Redditor posted to the r/bitcoin forum and explained how he discovered a way to “attack [the] lightning Network’s custodial services.” The Reddit account dubbed “Reckless Satoshi” wanted to figure out if a “discrepancy between real routing fees and service’s transaction fee can be exploited for a profit.” The researcher disclosed that he wanted to see how large the damage could be and said “it is bad.” 6 Lightning Network Custodial Services Attacked, Researcher Discloses Findings to Offenders Prior to Public Disclosure


A Redditor called Reckless Satoshi published a disclosure post on r/bitcoin this past Saturday and disclosed how he had found a vulnerability with routing fees and some of the Lightning Network’s custodial services. The research attack was done in good faith and after it was complete he disclosed the bugs to the offending services before publishing his findings. Reckless Satoshi used the Lightning Network (LN) attack on six different services including Bitfinex, Muun, Okex, Lnmarkets, Southxchange, and Walletofsatoshi. The Reddit post published by Reckless Satoshi on September 18, 2021.


Reckless Satoshi said the attack was “cheap, but not free,” and a “simple attack.” After depositing funds into the custodial services, Reckless Satoshi used “a node that will be routing the payments between the custodial service and the receiving node.” The attack’s parameters according to the Github code published by Reckless Satoshi.


“If a positive net return is possible, then it is just a matter of optimizing the size of the fee collected and the transaction speed rate to see how big the damage could be,” Reckless Satoshi added. “It is easy to see how this attack must be feasible on any service with [a] free withdrawal fee.”


Reckless Satoshi also published his attack to the code repository site Github. After explaining how he placed a node in the middle, the researcher added: This is one of the simplest attacks. In fact, the only LN attack I can think of, but also I am just a newbie in the process of learning. I assume there are people out there much more capable of conducting this research. Who knows, maybe there have been sizable losses in the past that remain undisclosed. Lightning Network Total Value Locked at $112 Million, Up Over 100% Since the End of July


The visitors who read Reckless Satoshi’s forum thread thanked him for conducting the research and disclosing the bugs to specific custodial LN providers. “I’m glad to see that people are not hacking/exploiting the system just for malicious purposes or to make quick profit out of it,” an individual wrote in response to the disclosure. Moreover, a number of Redditors discussing Reckless Satoshi’s findings argued over what they should call the attack. The Lightning Network total value locked (TVL) on Monday, September 20, 2021, according to defipulse.com stats.


At the time of writing, the Lightning Network has seen its total value locked (TVL) slide by 9.3% during the last 24 hours. However, since July 20, 2021, the LN TVL jumped over 100% from $56 million that day to today’s (2,600+ BTC) $112 million TVL held in the Lightning Network. Much of the 9.3% TVL slide on LN is due to the recent crypto market rout on Monday morning, September 20, as the crypto economy has slid 9% in value during the last 24 hours.


What do you think about the Lightning Network attack described by the Redditor Reckless Satoshi? Let us know what you think about this subject in the comments section below. Largest NFT Market by Volume Opensea Launches Smartphone Application NEWS | 11 hours ago JPMorgan Strategist Estimates Ether"s Fair Value at $1,500 Amid Competition From "Ethereum Killers" NEWS | 16 hours ago Tags in this story $112M TVL, 6 offenders, Attack, BitFinex, bug, Hacker, lightning network, ln, LN bug, LN hack, LN Newbie, LN Services, Lnmarkets, Muun, Node in the middle, Okex, Profit, Reckless Satoshi, Routing fees, Southxchange, The Lightning Network, Vulnerability, Walletofsatoshi.


Image Credits: Shutterstock, Pixabay, Wiki Commons, defipulse.com Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments

News Feed

Gaming Giant Animoca Brands Reveals Ban Against Russian Users, Co-Founder Compares Russia to North Korea
Gaming Giant Animoca Brands Reveals Ban Against Russian Users, Co-Founder Compares Russia to North Korea Blockchain gaming firm Animoca Brands has revealed the company is breaking
While Bitcoin Tapped New Price Highs, 78,000 Short Positions Worth Over $800 Million Got Liquidated
While Bitcoin Tapped New Price Highs, 78,000 Short Positions Worth Over $800 Million Got Liquidated While bitcoin has crossed a new all-time price high in 2021,
Analyst Forecast ‘Highly Bullish’ 2025 For Ethereum: Is The Bleeding Over?
Este artículo también está disponible en español. Ethereum (ETH) has started to climb some levels after it fell to the $3,100 support zone last week. The second-largest c
Prashant Jha18 minutes agoSam Bankman-Fried just like Bernie Madoff, Cardano founder saysCharles Hoskinson likened SBF to Bernie Madoff, the mastermind behind the largest Ponzi scheme in history, and says the media is gi
Crypto miners stole $723M of electricity in Malaysia since 2018: Report
Brayden Lindrea8 hours agoCrypto miners stole $723M of electricity in Malaysia since 2018: ReportMalaysia’s Deputy Minister of Energy Transition and Water Transformation revealed the number during an event where they d
Bill Miller’s Hedge Fund Sees Bitcoin Having ‘Significant Upside Potential’ as Digital Gold
Bill Miller"s Hedge Fund Sees Bitcoin Having "Significant Upside Potential" as Digital Gold In a report filed with the U.S. Securities and Exchange Commission (SEC), the fund manag
German, US gov‘ts move $150M in crypto
Josh O"Sullivan14 hours agoGerman, US gov‘ts move $150M in cryptoThe German and U.S. governments make strategic moves with significant Bitcoin and Ethereum transfers, drawing market attention.4576 Total views6 Total sh
Amaka Nwaokocha10 hours agoCanon’s new technology competes with ASML in chip manufacturingThe new system, FPA-1200NZ2C, can produce 5 nanometer semiconductors and scale down to 2 nm, surpassing the capabilities of the
Ethereum Charts Signal Potential Bottom – All Eyes On Next Move
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
For the 1st Time, All ERC20 Tokens Can Be Lent and Borrowed With UniLend’s Upcoming Version 2
For the 1st Time, All ERC20 Tokens Can Be Lent and Borrowed With UniLend"s Upcoming Version 2 press release PRESS RELEASE. UniLend Finance published their protocol update blog intro
3 reasons why $65K marks the bottom for Bitcoin
Marcel Pechman4 hours ago3 reasons why $65K marks the bottom for BitcoinBitcoin"s resilience amid price drops indicates strengthening support at the $65,000 level.5529 Total views173 Total sharesListen to article 0:00Mar
Bitcoin Cold Case: The Tale of the Dormant Wallet With Close to 80,000 BTC From Mt Gox
Bitcoin Cold Case: The Tale of the Dormant Wallet With Close to 80,000 BTC From Mt Gox For the last 11 years, a mysterious wallet associated with the Mt Gox scandal has sat dormant