Bitcoin developer Antoine Riard recently quit working on Bitcoin's Lightning Network scaling solution due to a security hole he believes can only be fixed by changing Bitcoin itself. He said that he discovered and thoroughly tested a new category of replacement cycling attacks that allows bad actors to steal funds by exploiting a timelock contract timeout.
3748 sats \ 0 replies \ @Murch 29 Oct 2023
IMHO, this has been blown out of proportion. The attack exists, but it is fairly expensive and difficult to pull off. There are some simple things implementations do now like actively rebroadcasting the HTLC_timeout transaction, watching the mempool, and limiting their exposure by restricting the amount and count of HTLCs in flight which make it even harder and more expensive.
If you have a lot of money on a Lightning Node, be sure to be on a recent release and check your configuration, but other than that, it’s just one other way how you should be attentive of a hot wallet deployment and manage the amount of risk you’re willing to take.
reply
92 sats \ 2 replies \ @DarthCoin 29 Oct 2023
yes, sell all your sats now. Bitcoin is dead.
reply
10 sats \ 0 replies \ @bitcoin_rationalist 29 Oct 2023
☠️
reply
1 sat \ 0 replies \ @Zepasta 29 Oct 2023
😂🤣😂🤣
reply
73 sats \ 0 replies \ @nicosey 29 Oct 2023
If you want layer 1 security, use layer 1 and pay the fees...
reply
10 sats \ 0 replies \ @spot 29 Oct 2023
Lightning is in safe custody
reply
10 sats \ 0 replies \ @k00b 29 Oct 2023
No
reply
10 sats \ 0 replies \ @phygit 29 Oct 2023
No.
reply