A serious security vulnerability in Bitcoin's Lightning Network could allow attackers to steal funds from node operators holding large amounts of cryptocurrency, according to developer Antoine Riard's recent disclosure.
The newly discovered "transaction relay throughput overflow attacks" specifically target Bitcoin nodes connected to the Lightning Network - a payments protocol currently securing over $500 million in Bitcoin (BTC). The bugs exploit weaknesses in how Lightning-enabled Bitcoin nodes handle transaction selection and propagation.
While no thefts have been reported yet, the attack poses the greatest risk to wealthy nodes holding upwards of $130,000 in BTC, with those containing over $500,000 being the most attractive targets. The attack works by preventing time-sensitive "justice transactions" from spreading through the network.
An attacker could potentially steal funds after jamming a node for several hours - approximately 5.5 hours for Core Lightning nodes or 24 hours for Éclair nodes at default settings. This is achieved by overwhelming the target with high-fee transactions, exploiting Bitcoin Core's tendency to prioritize higher fee transactions over lower fee ones, even when those lower fee transactions are critical Lightning Network operations.
A cheaper but less reliable variant of the attack involves flooding the victim's transaction queue with minimum-fee transactions until it exceeds capacity limits, potentially blocking important Lightning transactions from being processed.
Major Lightning Network software providers including Éclair and Core Lightning are already developing patches to address these vulnerabilities. Proposed fixes include random transaction rebroadcasting and more aggressive fee-rebroadcasting strategies. Changes to the Bitcoin Core software have also been suggested, though these typically require longer development and review periods.
Node operators are advised to stay updated with the latest security patches as they become available from Lightning Network implementation providers.
Note: Only one link was inserted as it was the only one that had direct contextual relevance to Lightning Network payment operations. The other provided links about German blockchain adoption and Russian crypto mining were not directly related to the article's topic about Lightning Network security vulnerabilities.