Bitcoin’s Lightning Network Is A Dangerous Neighborhood

Lightning Network is supposed to be the panacea for bitcoin’s scaling issues and it is a much hailed project among bitcoin proponents. And it is conversely, much mocked project by the altcoin fans and bitcoin skeptics.

An experimental layer-two solution, Lightning aims to allow nearly costless transactions, making bitcoin feasible for mundane transactions such as coffee purchases.

The development of this highly complex layer 2 solution is deliberately slow as the developers put priority on network security and logic, rather than speed of progress.

One Reddit user learned Lightning Network’s perils and limitations the hard way, by losing around 4 BTC via his LN node.

He posted the transcript of his conversation with other node admins where he wanted to confirm did he really lose around $30k by making a “wrong turn” on lightning network.

Here is the full transcript, INWHY is the user that lost the funds.

INWHY Today at 7:53 AM
am I able to loose money after force-closing channels?
Screenshot 2019-10-23 at 7.51.16.png
Screenshot 2019-10-23 at 7.51.16.png
50 replies
Will O’Beirne 2 hours ago
Yes, if you force close using an older invalid state, they can take the money while it’s timelocked if their node is online.

INWHY 2 hours ago
wow… looks like I lost 4BTC

INWHY 2 hours ago
because my LND wasn’t syncronised, that’s weird (edited)

moli 2 hours ago
#reckless :rekt:

INWHY 2 hours ago
it was buggy and stuck…

moli 2 hours ago
to be frank this isn’t the first time i’ve seen you with the same issue of carelessly locking so much money on useless nodes and then decided to just mass close them all

INWHY 2 hours ago
I’ve used the default closeallchannels –force function, nothing else, to be frank. (edited)

INWHY 2 hours ago
also, my node wasn’t useless, but one of the biggest in the network, called LIGHTNING-CASINO.COM

moli 2 hours ago
ah this time it’s worse because you force closed from an older state

moli 2 hours ago
you know it’s a “no-no”, right? because it’s a breach

INWHY 2 hours ago
I’ve force-closed from a backup, because there was a power outage, then why the “no-no” function is ever available?! (edited)

moli 2 hours ago
how old was the backup?

INWHY 2 hours ago
few days prior, but after force-closing them the LND got stuck without synchronising the graph

INWHY 1 hour ago
I’m working as a system administrator, have some server knowledge and I bet that everybody who have bigger node will face the same issues, it happens only when you close* you channels, openings are fine

moli 1 hour ago
so the backup is a few days old? even a few minutes or hours old , they can cause a breach, that’s how it is

INWHY 1 hour ago
then how to proceed if the channel graph file is broken? that happened after updating from vulnerable LND 6.1 to 7.1 beta

INWHY 1 hour ago
@moli if “few minutes” old backup can cause a breach, that means that LND doesn’t support backups at all, am I right? make backups and after 10 minutes they are old and unusable… (edited)

moli 1 hour ago
@INWHY since the beginning of lnd and lightning network, we’ve been told not to do backups

moli 1 hour ago
channel state is very dynamic you can’t back it up like any static files

INWHY 1 hour ago
what’s the purpose of the backup functions then?

moli 1 hour ago
what backup functions?

INWHY 1 hour ago
exportchanbackup and restorechanbackup

moli 1 hour ago
that is different

INWHY 1 hour ago
I have those files

moli 1 hour ago
those files are for recovery, but you said you did a backup of the data directory .lnd and you ran it after a power outage?

INWHY 1 hour ago
yes, am I able to use those recovery SCB files?

INWHY 1 hour ago
also, they are 3 different types, JSON one, binary one, and 2nd type of binary one

moli 1 hour ago
yes, which lnd version are you running?

INWHY 1 hour ago
7.1

INWHY 1 hour ago
Screenshot 2019-10-23 at 9.16.30.png
Screenshot 2019-10-23 at 9.16.30.png
INWHY 1 hour ago
Screenshot 2019-10-23 at 9.17.01.png
Screenshot 2019-10-23 at 9.17.01.png
moli 1 hour ago
so did you run the SCB ? how did you run the “backup” ?

INWHY 1 hour ago
via exportchanbackup –all > backup

INWHY 1 hour ago
and exportchanbackup –output_file channel-backup-file

moli 1 hour ago
but you said you ran a .lnd backup and force closed all your channels? (edited)

moli 1 hour ago
this is very confusing

INWHY 1 hour ago
yes, using previous files state. I wonder, am I able to use those static channel backups at the moment? (edited)

moli 1 hour ago
no

moli 1 hour ago
you have already closed all your channels with an older state? that’s it, the money is gone

INWHY 1 hour ago
how can I know if the state is older or not?

moli 1 hour ago
the backup was a few days old

INWHY 1 hour ago
as you said even few minutes old backup is enough to cause a breach, which makes them totally unusable

INWHY 1 hour ago
in my case, I have veeam backups for the last ~320 days + SCBs, + paper backup, and after force-closing all channels which LND approved and initiated, my funds are lost and unavailable

moli 1 hour ago
if you run an older backup, lnd still can run but when you force close channels, that’s when the breach happens

INWHY 1 hour ago
understood, my final conclusion is that just need to forgot about backups there… or need to make totally live SCBs every single second… (edited)

moli 1 hour ago
after the power outage if your current .lnd data could not start, you could use the SCB recovery and it would ask your peers to close channels and you would get your money back

INWHY 1 hour ago
I was unable to recover the channels from the SCB, because there was an error that those channels are already existing, about the peers there are more than 400 channels, just cannot contact them. (edited)

INWHY 45 minutes ago
I bet that exchanges will start using that technology only* if they have a good and stable backup structure… without it only enthusiast like me will rush on it (edited)

INWHY 40 minutes ago
@moli thank you for all that info. appreciated

moli 38 minutes agonp, sorry for your loss.. but please this is so fundamental i hope you would do some reading or asking for help before doing something drastic next time
:+1::skin-tone-3:

LN had security vulnerabilities earlier as well

Security vulnerabilities have been discovered back in September in “various” Bitcoin Lightning Network clients that have potential to cause users to lose their cryptocurrency.

Those running Lightning Network nodes have been advised to upgrade their clients as soon as possible, including those related to popular wallet solution Eclair.

Lightning Network is still very much for enthusiasts, so its users are probably a bit more likely to have made these routine updates than your average user elsewhere.

Lightning Network is highly experimental ground

The Lightning Network is currently under development. It will become a decentralized network that enables instant off-chain transfer of the ownership of bitcoin, without the need of a trusted third party.

The system utilizes bidirectional payment channels that consist of multi-signature addresses.

One on-chain transaction is needed to open a channel, and another on-chain transaction can close the channel.

Once a channel is open, value can be transferred instantly between counterparties, who are exchanging real bitcoin transactions, but without broadcasting them to the bitcoin network.

New transactions will replace previous transactions and the counterparties will store everything locally as long as the channel stays open.

intelligent crypto
How are  regular people making returns of as much as 27,144% in a year?  By picking the right coin at the right time - click the button to learn more.
Crypto arbitration still works like a charm, if you do it right! Check out Bitsgap, leading crypto arbitrage bot to learn the best way of doing it.

CaptainAltcoin's writers and guest post authors may or may not have a vested interest in any of the mentioned projects and businesses. None of the content on CaptainAltcoin is investment advice nor is it a replacement for advice from a certified financial planner. The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of CaptainAltcoin.com

Torsten Hartmann

Torsten Hartmann

Torsten Hartmann has been an editor in the CaptainAltcoin team since August 2017. He holds a degree in politics and economics. He gained professional experience as a PR for a local political party before moving to journalism. Since 2017, he has pivoted his career towards blockchain technology, with principal interest in applications of blockchain technology in politics, business and society.

We will be happy to hear your thoughts

Leave a reply

CaptainAltcoin
Logo