A recent study by scientists from Jewish University in Jerusalem, John Harris and Aviva Zohar found a new bitcoin network vulnerable used by crooks to steal cryptomonet.
Network overload - danger to coins in their articles, scientists describe a new system attack related to Lightning Network expansion, which could be used by cyber criminals for stealing bitcoin. The main problem of blockchain bitcoin is that the network is too slowly processing transactions. To speed up the process and not overload the network, an Extension of Lightning Network has been created, which removes payment from the blockchain, thus significantly facilities and accelerates transaction.
In doing so, the developers themselves knew that Lightning Network expansion has access to chain blocks and could be used by fraudulent crooks., but still no one has conducted quite depth research on this problem. As a result, Harris and Zokhar were the first to experiment and remove bitcoins during the network overload.
"Lightning works best when basic blockchain is used very minimally. The problem occurs if several Lightning channels close simultaneously in the drowning parts of the attacks : the basic bitcoin network cannot handle the amount of problems."
It is Lightning Network that uses cryptographic contracts from HTLC, which usually set the extreme term for transaction, thus forming a consistent list of transactions that will not overload the network. But problems start when the extreme transaction is nearing the end and the coin transaction is not yet done.
"The attack is based on the fact that bitcoin blockchain is filled with transactions so no one can add transaction. The intruder hopes he can advance contracts in the established terms. In case of success, the attacker can start "robbing" past contracts. "
In other words, evey closed channel leads to another transaction in the bitcoin chain. Attacking trying to shut9as many channels at the same time to increase the number of transactions going to blockchain, increasing the likelihood of theft.
Harris notes that the intruder targets 100 channels leads to at least 7402 HTLC's reward, with the average HTLC today includes bitcoins of about $138 This could mean a payment of approximately $1.
Finding "potential victims" was also very easy. In the simulation, researchers found that it was not difficult to configure channels with other users. Indeed, 95% og Lightning knots have taken their invitations to create a Lightning channel.
This is not the first study to show how vulnerable a bitcoin network can be. BelnCrypto previously reported that ZenGo company's research has found a new threat to cryptocurrency wallets, which is associated with double spending money. Ledger Live cryptogaments, BRD purse and Edge wallet were found in the risk group. The new threat, which is named BigSpender, allows intruders to cancel the bitcoin transaction, which banks will not br able to identify. ZenGo has sent official letters to the developers of purses who have not passed the protection check against double waste attacks. Along with this, supporters of the cryptomonet say that the problem is not at all with the wallet, but with the bitcoin itself.
As BCH Hayden Otto supporter previously stated, double-expense techniques make it easier fod RBF function (replacement for fee) added at the level of protocol by Bitcoin Core developers.
Nice article