Author: ZmnSCPxj 2020-08-30 13:38:11
Published on: 2020-08-30T13:38:11+00:00
The Lightning Network has been found to have certain vulnerabilities by Bitcoin developer ZmnSCPxj. The first vulnerability allows one party to drain the entire balance of a channel using anchor outputs, which are outputs that require a higher minimum amount to spend than regular outputs. A solution to this issue is to execute just one contract transaction that includes anchor outputs and prevents the other party from burning the entire balance as they only have access to a small amount. The second vulnerability involves opportunistic camping where someone waits for CoinSwap transactions to occur and then broadcasts their own. If an output has been in the same UTXO for a long time, the contract transactions remain valid and can be used to extract value. To protect against this, contract transactions should signal RBF, have a min-relay=feerate, and during low-fee periods we should collect outputs whose private key have been turned over to us, paying at a slightly higher feerate than 547 sat/130 vbyte fee rate.
Updated on: 2023-06-14T03:26:25.543309+00:00