Last Updated on by
The bitcoin’s lightning network came as a panacea when people across the crypto world start saying that that the lightning network will help to really make small transactions using the bitcoin in the real life. The best and most popular example given was, that now you can really buy a pizza or a coffee using the bitcoins.
However, recently, it came to light that a popular payments network running on the bitcoin blockchain was suffering from some vulnerabilities, where attackers could fly off with users’ money.
This was initially disclosed to the general public on 30th August by bitcoin developer Rusty Russell, the full details came in just last week.
According to the developers, there is a chance where an attacker could claim to open a lighting payment channel and either not pay the full amount to the peer or not pay to the peer.
We had discussed about the lightning network payment protocol and how big companies like ripple are involved in it. Lightning Network enables ultra-fast transactions at a fraction of the cost involved in the real bitcoin transactions.
To send payments, the users have to open payment channels to send and receive funds from other lightning users.
Due to the said vulnerability, an attacker could impost to open a new payments channel and send fake transactions. An honest user could then send real money to the attacker, without knowing that the previous transactions were fake and imaginary.
According to Russell, all major lightning clients have been upgraded to fix this vulnerability.
It took three months to disclose this vulnerability. The companies say that developers and the companies took each step with caution. Moreover, the community and the companies involved did not want to make it public. They took three months to study and update. ACNIQ is one such bitcoin technology company who has been working on this.
Bitcoin Lightning Network Explained
The Lightning Network doesn’t need block confirmations for the payments done. They are instant and atomic. The lightning network can be used at retail point-of-sale terminals with the user device to device transactions or anywhere, where instant payments are needed.
Crypto funds are placed in two-party crypto multi-signature channel bitcoin addresses. This channel can be thought of representing an entry on the bitcoin public ledger. To spend funds on the channel, both parties agree on the new balance. The latest balance is stored as the most recent transaction signed by both parties spending from the channel address.
To make the payments on the channel, both parties sign a new exit transaction spending from the channel address. With this, all old exit transactions are invalidated. It does not require the cooperation from the counterparty to exit the channel. Both parties have the option to unilaterally close the channel, ending the transaction relationship.
All parties have multi-signature channels on this network, anyone can send a payment to any other party across this network. By embedding the payment condition on the knowledge of a secure cryptographic hash, payment is done across a network of channels without the need for any party to have unilateral custodial ownership of funds.
The Lightning Network enables what was previously not possible with trusted financial systems vulnerable to monopolies—without the need for custodial trust and ownership, participation on the network can be dynamic and open for all.
Let me try to explain the above with an example.
My two friends Honky and Tonky want to send money to each other frequently. They can set up a channel on the Bitcoin Lightning Network.
They start by creating a multi-signature wallet, both of them can access with their respective private keys. They can both deposit bitcoins into that wallet.
Now, both of them can perform unlimited transactions amongst themselves. These transactions are redistribution s of the funds stored in the shared wallet. Anyone of them can send BTC to the other, by transferring the right of ownership of that amount to the other. Both of them use their private keys to sign for the up-dation of the balance sheet.
The actual distribution of funds will happen when the channel is closed. The algorithm will use the most recent signed balance sheet to determine the ownership of the bitcoins.
Once the channel is closed, the information of the initial and final balance is broadcasted to the bitcoin blockchain. In this way, the bitcoin lightning network enables to conduct numerous transactions outside the main blockchain and finally record them as a single one.
Acinq software developer Bastien Teinturier image via Twitter