New Vulnerability to be Found in Lightning Network

The cost of a serious attack implementation is around $2000
21 October 2019   372

Researchers found that the Lightning Network is vulnerable to DoS attacks. At this stage, they are very easy to implement, slowing down or even stopping 80% of payments, they warned.

Vulnerability was described by Saar Tochner, Aviv Zohar (Hebrew University of Jerusalem) and Stefan Schmid (University of Vienna).

Lightning payment passes through a network of nodes before reaching the recipient. If one of the nodes turns out to be an attacker, it can slow down the payment speed, say academics. For a successful attack, it is allegedly necessary to open several payment channels, promise zero commissions and then not broadcast payments.

By analyzing the principle of payment routing in different Lightning clients, an attacker can make his nodes more attractive, providing a high probability of a payment passing through them, the researchers said.

We can open channels that offer short and low-cost routes in the network which then are selected (almost always) for the route. We find that just five new links are enough to draw the majority (65% – 75%) of the traffic regardless of the implementation being used. Then, when a payment request comes in, we can just refuse to pass it onward. When a new path is selected […] the attacker channels are again selected for the route.
 

Aviv Zohar

Researcher, Hebrew University of Jerusalem

According to him, the cost of an attack on 80% of all transactions will be $ 2000 and will require the opening of approximately 20 payment channels.

In a commentary for CoinDesk, Lightning Labs developer Alex Bosworth emphasized that this is a rather dangerous attack, but the routing system in the LND client is constantly changing, making it a "moving target."

According to the Coindesk, the researchers haven’t seen this attack in the real world.

 

PBoC to Continue Anti-Crypto Propaganda

The regulator published a warning in its WeChat account called “Protection of the rights and interests of consumers of financial services”
23 March 2020   315

The People's Bank of China has returned to criticism of cryptocurrencies amid a worsening economic situation in the world.

On March 22, the regulator published a large-scale warning in its WeChat account under the heading “Protection of the rights and interests of consumers of financial services”. It describes three ways in which cryptocurrency service providers can mislead consumers.

First of all, the amount of fraud transactions with bots is serious. The average turnover rate of the top three overseas crypto currency exchanges is much higher than that of foreign licensed exchanges. Second, market manipulation exists in these exchanges where forced leveraged trading eventually causes the exchanges to explode. Third, money laundering is a big issue.

 

People's Bank of China

In addition, the Chinese Central Bank calls the opinion that Bitcoin may serve as a protective asset, erroneous. The regulator indicates its high volatility and recommends that citizens not follow the example of other investors and refuse to participate in cryptocurrency trading.