Published on: 2020-10-10T00:32:47+00:00
The Lightning Network, a protocol enabling fast and low-fee Bitcoin transactions, has uncovered vulnerabilities affecting lnd versions 0.10.x and below. The specifics of these vulnerabilities will be revealed on October 20, 2020, although the disclosure timeline was expedited compared to normal circumstances. While there is no evidence of these vulnerabilities being exploited thus far, the Lightning Network urges users to promptly upgrade to lnd 0.11.0 or newer versions. Support is available through the #lnd IRC channel, LND Slack, or support@lightning.engineering. Conner Fromknecht, a member of the Lightning Network team, advises users to verify the gpg signature before upgrading and ensure that the support email is correctly formatted. For assistance with the upgrade process, users can consult the installation documentation. Furthermore, the Lightning Network will release additional details about the vulnerabilities in the following weeks and introduce a comprehensive bug bounty program.
Updated on: 2023-07-31T23:05:16.920462+00:00