The Bitcoin layer 2 and scaling solution, Lightning Network is exposed to a severe vulnerability which could put funds at risk on the network.
A Bitcoin developer Antoine Riard published a report citing the vulnerability in Lightning Network referred to as “replacement cycling attack.” The developer says that it could harm the security of assets being transferred on the Bitcoin layer 2 network.
Riard states that a sophisticated attack could breach this vulnerability while executing transaction-relay jamming method. Such an attack will target Lightning Network’s crucial component called Hash Time-Locked Contracts (HTLC). It will essentially cause network disruption and cause delays or prevention in transactions and a potential loss of funds.
However, despite the vulnerability being there since Lightning Network went live, there have not been any attempts towards a security breach. Neither such method used in “replacement cycling attack” has been reported in the past 10 months, Riard highlights.
The vulnerability is also disclosed to the Lightning Network team and they have taken necessary steps for mitigation with releasing patches across the LN ecosystem.
The report further suggests that scope of the attack might extend to other number of Bitcoin applications such as peerswap, coinjoins and others which have used Lightning Network in their base.
As a Bitcoin developer, Riard has halted further development efforts for the network citing that the new class of replacement cycling attacks puts it in a very critical condition which can only be fixed at the base-layer.