Lightning Network Discloses “Concerning” Crypto Vulnerabilities

The team behind Lightning Network has released extensive details on the vulnerabilities that were discovered in the cryptocurrency protocol and its software implementations.

Attackers could have exploited these vulnerabilities to cause DoS and to disrupt crypto transactions by intercepting “smart contracts” made between two parties.

Lightning Network is a payment protocol that runs on top of blockchain-based cryptocurrencies like Bitcoin, Ethreum, etc.

Its main selling point is the speed of blockchain transactions. 

Lightning’s website touts the protocol with phrases, “Lightning-fast blockchain payments without worrying about block confirmation times. Payment speed measured in milliseconds to seconds.” 

October’s “partial” disclosure

Earlier this month, Conner Fromknecht, Head of Cryptographic Engineering at Lightning Labs had published a partial disclosure related to the vulnerabilities on Linux Foundation’s mailing list. 

“We are writing to let the Lightning community know about the existence of vulnerabilities that affect lnd versions 0.10.x and below,” said Fromknecht.

This happened on October 9th, when Lightning team’s focus was mainly on prompting the users to upgrade to non-vulnerable versions of the products.

“The circumstances surrounding the discovery resulted in a compressed disclosure timeline compared to our usual timeframes. We will be publishing more details about this in the coming weeks along with a comprehensive bug bounty program,” Fromknecht had further written.

Also Read: How Bank Disclosure Of Customer Information Work For Security

Lightning Network vulnerabilities fully disclosed this week

This week both vulnerabilities impacting the Lightning Network cryptocurrency protocol and its software implementations have been disclosed in full detail.

The vulnerabilities were spotted as early as April 3rd, 2020 by Antoine Riard, a Bitcoin Core and Rust-Lightning contributor at Chaincode Labs.

On discovery, Riard informed both the Lightning Network (LND) team and developers behind its c-lightning and Eclair implementations.

In fact, given Lightning’s growing adoption rate and the fact money was at stake, Riard agreed to wait for six months before publicly disclosing the vulnerabilities discussed below.

Riard further shared with BleepingComputer:

“They are serious [vulnerabilities] because LN nodes channel connections are open, you can freely stake funds with any well-known nodes and thus steal from them.”

“LN nodes are hot wallets.  If it would have been exploited in the wild, the impact would have been direct fund loss for victims (at least for the high-s one [CVE-2020-26895]).”

1. CVE-2020-26895—”Hodl my Shitsig“
   
   Given blockchain-based protocols deal with money, extensive security measures and failsafe measures are built into them. One such concept is called “transaction standardness.”
   
   Transaction standardness enforces set of anti-Denial of Service (DoS) rules on top of the Bitcoin consensus rules a node may already have in place.
   
   Transaction standardness malleability on the other hand is a form of attack on cryptocurrency protocols that can effectively “invalidate” a transaction – as if it had never happened.
   
   “This situation is concerning and sound to have been an undersight during Lightning/payment channels protocols design,” wrote Riard. “The transaction standardness surface is quite wide, and any standardness fault, either accidental or malicious triggered, can provoke a loss of funds for a LN node,” he continued.
   
   Flaws like this one can lead to the security of funds being compromised and open pathways for DoS attacks, according to Riard.
   
2. CVE-2020-26896—”The (un)covert channel“
   
   The second vulnerability allowed an attacker to intercept and stealthily “steal” the Hashed Timelock Contract (HTLC) signed between two parties.
   
   HTLC is a “smart contract” used by cryptocurrency protocols that provides ability for the recipient to confirm they have received the payment within a certain time period. Failing to generate an HTLC properly and in time, would void the transaction.
   
   By exploiting this flaw, an attacker could essentially disrupt an ongoing transaction so that the invoice issuer wouldn’t be paid.
   
   “If this vulnerability has been exploited, the original sender would have discovered the preimage, according to the pre-agreed invoice but without the issuer effectively being paid,” explained Riard.
   
   “In case of legal disagreement if the corresponding good/service should be settled, and assuming parties were subject to the same jurisdiction, it could have been an interesting case to
   decide if the invoice/preimage pair is legally binding,” he further advised.

Riard additionally told BleepingComputer, “The codebase is open source and the protocol runs publicly thus patching the vulnerability overtly would have [allowed funds to be stolen] during the deployment. That is the reason patches were covert. Fixes were bundled with other changes.”

Also Read: Data Protection Framework: Practical Guidance For Businesses

Both vulnerabilities were patched in versions 0.11.0 and above of lnd, the open-source implementation of Lightning Network.

“While we have no reason to believe these vulnerabilities have been exploited in the wild, we strongly urge the community to upgrade to lnd 0.11.0 or above ASAP,” the October 9th advisory had stated.

In addition to Riard’s disclosures linked above, the Lighning Network development team has also released separate advisories for CVE-2020-26895 and CVE-2020-26896. 

Update, 21-Oct-2020: Added quotes provided by Antoine Riard.