Full Disclosure: CVE-2021-41591 / CVE-2021-41592 / CVE-2021-41593 "Dust HTLC Exposure Considered Harmful"



Summary:

The Lightning implementations Eclair, LND, and LDK were found to have vulnerabilities that could be exploited in a range of attacks, with outcomes including fee blackmailing, burning liquidity, or stealing channel balance. One vulnerability stems from the BOLT specification at the time only requiring Alice's `dust_limit_satoshis` to be below her `channel_reserve_satoshis`, which lets Alice inflate the dust limit up to the implementation-defined maximum. Because HTLCs below the dust limit are trimmed from the commitment transaction and their value goes to the miner fee, Alice can inflict substantial losses on Bob's funds simply by publishing her commitment on-chain. The proposed fix is to verify the counterparty's announced `dust_limit_satoshis` at channel opening and to define a new configurable limit, `max_dust_htlc_exposure`, bounding the total value held in trimmed HTLCs.

A mitigation was developed and released on the LDK side in August 2021, and the vulnerabilities were disclosed to the other Lightning developers. The Bitcoin Core dust limit was an active topic on the mailing list in August 2021, and changes to it could have affected the ongoing mitigation work. Despite the lack of a well-defined communication process across Lightning teams, developers from three different implementations participated actively in diagnosing and mitigating these long-standing specification issues affecting the entire Lightning ecosystem.

The timeline leading up to the full disclosure of the CVEs on October 4th, 2021: a vulnerability against LND was discovered on April 19th; on July 21st Eugene Siegel found a method to exploit the trimmed-to-dust mechanism on `update_fee` reception; on August 11th Bastien Teinturier opened BOLT PR #894, covering the lack of verification of the counterparty's per-HTLC `dust_limit_satoshis`; mitigations were developed in LDK on August 16th, and a public disclosure date was communicated. Muun wallet was notified on August 26th and found to be unaffected; Electrum wallet was notified on August 27th. Finally, on October 4th, BOLT PR #919 was submitted to cover the remaining vulnerabilities.
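The following is an added example, not code from the disclosure or from Eclair, LND, or LDK: it models BOLT 3 HTLC trimming to show how an inflated `dust_limit_satoshis` (or a higher feerate via `update_fee`) turns pending HTLCs into miner fees, and implements the `max_dust_htlc_exposure` style check that rejects an HTLC or fee update which would push trimmed value past a local cap. The second-stage weights are the BOLT 3 non-anchor values; the function names, the 5000-sat cap, and the HTLC amounts are assumptions constructed for this example, not any implementation's defaults.

```python
"""Added example: BOLT 3 HTLC trimming and a max_dust_htlc_exposure check.
Assumptions: non-anchor second-stage weights from BOLT 3; the cap and all
sample HTLC values below are constructed for illustration."""
from dataclasses import dataclass

HTLC_TIMEOUT_WEIGHT = 663   # spends an offered HTLC output (BOLT 3, no anchors)
HTLC_SUCCESS_WEIGHT = 703   # spends a received HTLC output (BOLT 3, no anchors)
MAX_DUST_HTLC_EXPOSURE_SAT = 5_000  # assumed local policy cap for this example


@dataclass(frozen=True)
class Htlc:
    amount_sat: int
    offered: bool   # True if offered by the commitment's owner, else received


def second_stage_fee_sat(feerate_per_kw: int, offered: bool) -> int:
    """Fee of the HTLC-timeout (offered) or HTLC-success (received) transaction."""
    weight = HTLC_TIMEOUT_WEIGHT if offered else HTLC_SUCCESS_WEIGHT
    return feerate_per_kw * weight // 1000


def is_trimmed(h: Htlc, dust_limit_sat: int, feerate_per_kw: int) -> bool:
    # BOLT 3: an HTLC gets no output (its value is added to the commitment fee)
    # when amount < dust_limit + fee of its second-stage transaction.
    return h.amount_sat < dust_limit_sat + second_stage_fee_sat(feerate_per_kw, h.offered)


def dust_exposure_sat(htlcs, dust_limit_sat: int, feerate_per_kw: int) -> int:
    """Value burned as miner fee if this commitment is broadcast with these HTLCs pending."""
    return sum(h.amount_sat for h in htlcs if is_trimmed(h, dust_limit_sat, feerate_per_kw))


def accept_htlc(pending, new: Htlc, dust_limit_sat: int, feerate_per_kw: int,
                cap_sat: int = MAX_DUST_HTLC_EXPOSURE_SAT) -> bool:
    """Mitigation: refuse to add an HTLC that would push trimmed value past the cap."""
    return dust_exposure_sat(pending + [new], dust_limit_sat, feerate_per_kw) <= cap_sat


def accept_update_fee(pending, dust_limit_sat: int, new_feerate_per_kw: int,
                      cap_sat: int = MAX_DUST_HTLC_EXPOSURE_SAT) -> bool:
    """Same check on update_fee: a higher feerate trims HTLCs that were not dust before."""
    return dust_exposure_sat(pending, dust_limit_sat, new_feerate_per_kw) <= cap_sat


if __name__ == "__main__":
    htlcs = [Htlc(50_000, offered=False)] * 5      # constructed: five 50k-sat received HTLCs
    print(dust_exposure_sat(htlcs, 546, 253))       # sane dust limit: 0
    print(dust_exposure_sat(htlcs, 100_000, 253))   # inflated dust limit: 250000 at risk
    small = [Htlc(1_000, offered=False)] * 6        # constructed: six 1k-sat received HTLCs
    print(accept_update_fee(small, 546, 253), accept_update_fee(small, 546, 2500))
```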


Updated on: 2023-06-03T06:05:32.663331+00:00