Olaoluwa Osuntokun

Developers Said a Bug in Lightning Network That Could Cause Users Lose Bitcoin

September 11, 2019 at 3:27 AM | By Jit Sutradhar News

The developers have revealed a security hole in several versions of the Bitcoin Lightning Network software that could cause users to lose money if they are not updated.

The mistake was first made public on August 30 by bitcoin developer and Lighting Rusty Russel and confirmed Tuesday afternoon by Olaoluwa Osuntokun, CTO of the startup Lightning Labs.

It is not clear how much bitcoin, if any, was lost, or how many users were affected.

Several versions of Lightning node are vulnerable and should be updated immediately, Osuntokun warned a developer mailing list and added:

“We’ve confirmed instances of the CVE being exploited in the wild.”

Lightning, an experimental layer two solution, aims to allow transactions at almost no cost, making bitcoin feasible for mundane transactions such as coffee purchases.

But the error shows that technology still has problems like any financial product based on code.

“Security problems have been found in several lightning projects that could cause loss of funds,” Russel said in the original publication. “Full details will be released in 4 weeks (2019-09-27), please update well before that.”

Osuntokun emphasized that lightning is still in its infancy.

“We would also like to remind the community that we still have limits on the network to mitigate the widespread loss of funds,” he wrote, “and keep this in mind when you put funds into the network at this early stage.”

Lightning Labs continued the warning on Twitter, reminding users that it is still possible to lose funds on the network.

The affected versions include all versions of LND 0.70 and later, C-Lightning 0.70 and later, and éclair 0.3 and later.

Olaoluwa Osuntokun image via CoinDesk archive

This article is republished from coindesk.com. If you have any questions, objection or any other matter you can contact us. Thank you for visiting our website.

Comments (0)

    Write a Reply or Comment

    You must be Logged In or Sign Up to post a comment.