Blockstream core engineer Rusty Russell discovered critical Bitcoin Lightning Network bugs that were affecting C-Lightning, Éclair, and Lightning Network Daemon (lnd) implementations.

Early LN Versions Failed to Check Funding Transaction Amounts

Presently, three autonomous teams are working on the Lightning Network implementations: Blockstream, ACINQ, and Lightning Labs. The main objective of these teams, among other things, is to reduce transaction costs while enhancing the scalability and security of the Bitcoin network.

The Lightning Network is made up of micropayment channels. These channels update balances perpetually outside the BTC blockchain. But, once the payment channel is closed, the transactions that occurred between the micro-payment channels are then broadcast, as one transaction, to the blockchain. Thus, regardless of the number of transactions conducted, the blockchain is accessed only twice, when the channel is first activated and when the channel is closed. Thus, this method reduces the load of the Bitcoin blockchain significantly.

While reviewing new proposed features for the Lightning Network, Russell performed tests under the following problem statement,

“A lightning node accepting a channel must check that the funding transaction output does indeed open the channel proposed. Otherwise, an attacker can claim to open a channel but either not pay to the peer, or not pay the full amount. Once that transaction reaches the minimum depth, it can spend funds from the channel. The victim will only notice when it tries to close the channel and none of the commitment or mutual close transactions it has are valid.”

As a result, Russell detected that Blockstream implementations before the C-lightning version 0.7.1, did not perform this check.  “This can be exploited by a connecting peer and claiming to open a channel with any transaction id.” (CVE-2019-12998)

Similarly, regarding Lighting Lab’s lnd implementation, Russell noted, “prior versions did not check the amount. v0.7.0 and above properly check for the scriptpubkey, v0.6.x partially enforces the funding scriptpubkey, but pre-v0.6.0 did not verify at all.” (CVE-2019-12999)

Russell also tested whether ACINQ’s project Éclair performed proper checks regarding the amounts. Russell concluded, “v0.3.1 and above do this correctly, prior versions did not if using the bitcoin core backend; electrum users only check the script, not the amount.” (CVE-2019-13000)

Bugs Reportedly Fixed

The good news is that Russell, who belongs to the Blockstream team, shared his discovery with the other Lightning Network teams, ACINC and Lightning Labs. Thus, the bugs are reportedly fixed. Moreover, Russell points out to positive outcomes thanks to his discovery,

‘While this long-standing bug had not been independently discovered, and thus was unlikely to be discovered by a malicious party before being fixed, it did provide an opportunity to test communications and methods of upgrade across the entire lightning ecosystem.”

How do you think that Lightning Network implementations are helping to solve Bitcoins’ scalability issues? Let us know in the comments below!

Images via Bitcoinist Image Library, Twitter @rusty_twit