Because a new class of replacement cycling attacks poses a threat to the Lightning Network, Antoine Riard thinks the Bitcoin community is facing a “hard dilemma.”
Citing security flaws and underlying difficulties in the Bitcoin ecosystem, security researcher and developer Antoine Riard is leaving the Lightning Network development team.
A new class of replacement cycling attacks puts Lightning in a “perilous position,” and Riard thinks the Bitcoin community faces a “hard dilemma,” according to a thread on the Linux Foundation’s public mailing list.
The Lightning Network is a second-layer solution built on top of the Bitcoin blockchain. By permitting off-chain, peer-to-peer transactions, it is intended to increase the scalability and efficiency of Bitcoin transactions.
Using the Lightning Network, users can open payment channels, carry out several off-chain transactions, and settle the outcome on the Bitcoin blockchain. These payment channels are the target of the replacement cycling attack, a new kind of attack in which the attacker exploits discrepancies between different mempools to steal money from a channel participant. As stated by Riard:
“In my opinion, lightning is in a very dangerous situation as a result of this new class of replacement cycling attacks. Only a long-term solution, such as upgrading consensus or adding a memory-intensive history of all transactions, can be implemented at the base layer. Although I don’t think deployed mitigations are stopping sophisticated attackers as stated in the first full disclosure mail, they are useful against basic attacks.”
Furthermore, Riard pointed out that modifying the Bitcoin network itself might be necessary to counter the novel kind of attack:
“Those kinds of adjustments are the ones that demand the highest level of openness and support from the community overall, since we’re changing the processing requirements for full nodes or the security architecture of the decentralised bitcoin ecosystem fundamentally.”
Lightning developers face a number of difficulties, such as complaints about the network's complexity and its user-experience requirements. The layer-2 network has grown in popularity since its launch in 2018, and as of this writing, DefiLlama data shows that its total value locked has reached $159.5 million. Nonetheless, this amount remains extremely small in comparison to the $587 billion market capitalization of Bitcoin.
Riard stated that he would be concentrating on the core development of Bitcoin going forward, but he also foresaw some difficulties facing the larger cryptocurrency ecosystem:
“On the other hand, fully explaining why such changes would be warranted for the sake of lightning and for designing them well, we might need to lay out in complete state practical and critical attacks on a ~5 355 public BTC ecosystem. Hard dilemma. There might be a lesson in terms of bitcoin protocol deployment”