Bitcoin developer Antoine Riard recently quit working on Bitcoin's Lightning Network scaling solution due to a security hole he believes can only be fixed by changing Bitcoin itself. He said that he discovered and thoroughly tested a new category of replacement cycling attacks that allows bad actors to steal funds by exploiting a timelock contract timeout.
IMHO, this has been blown out of proportion. The attack exists, but it is fairly expensive and difficult to pull off. There are some simple things implementations do now, like actively rebroadcasting the HTLC_timeout transaction, watching the mempool, and limiting their exposure by restricting the amount and count of HTLCs in flight, which make it even harder and more expensive. If you have a lot of money on a Lightning node, be sure to be on a recent release and check your configuration, but other than that, it’s just one other way in which you should be attentive to a hot wallet deployment and manage the amount of risk you’re willing to take.
yes, sell all your sats now. Bitcoin is dead.
😂🤣😂🤣
If you want layer 1 security, use layer 1 and pay the fees...
Lightning is in safe custody