Bitcoin Lightning bug could lead to and steal millions of dollars

Bitcoin developer Antoine Riard has revealed two new bugs that affect operators of rich nodes within the Lightning Network, a payment protocol worth more than $500 million of BTC capacity.

The transaction jamming attack takes advantage of the Bitcoin Core software's transaction selection, naming, and propagation methods of full Bitcoin nodes connected to the Lightning Network.

Dubbed “transaction relay overflow attacks,” the bugs allow an attacker to steal bitcoin (BTC) from the wealthiest Lightning nodes. Although there is no evidence that a thief has exploited these bugs, Lightning implementation providers Éclair and Core Lightning are already working on software patches.

In particular, the cost- and time-intensive attack is not worth the effort for victims over approximately $130,000 worth of BTC and is more suitable for nodes with more than half a million dollars.

Overflow attacks through Bitcoin Lightning trading recreation

The attack would allow a thief to steal money from the victim's Lightning channel by preventing time-sensitive transactions such as justice transactions from moving through the network. After submitting the node for 32 Bitcoin blocks (Core Lightning basics) or 140 blocks (Éclair proof), the robber could get away with an irrevocable bounty.

In regular clock time, that would mean about 5.5 hours to steal from a basic Core Lightning node or 24 hours for a node running basic Éclair software.

By default, nodes limit the number of unauthenticated transactions they transmit or accept at any given time to reduce the chance of multiple denial-of-service (DoS) attacks. The attacker can a high overflow jamming attack which prevents the victim from proceeding with a justice transaction by continuously overwhelming the node with high fee rate transactions.

By default, a Bitcoin Core node always chooses to transfer the highest fee transactions first and queue lower fee transactions – even if one of these lowest cost transactions is the Lightning Network's own transaction of justice at the nodes.

This is one bug that Core Lightning and Éclair are fixing, thanks to Riard's responsible disclosure.

Again, the high overflow overflow attack prevents the victim from anti-stealing transactions by continuously overflowing transactions with higher fees, so the t -name “high overflow.”

For this reason, the attack is expensive – with initial estimates north of $130,000 during the hours of the attack.

In addition to this high-flow jamming attack, Riard explained another variation of the transaction jamming bug: low overflow.

Change with thousands of low cost transactions

The low overflow is a cheaper but less reliable modification for the attacker. Here, to save money, the attacker targets a victim trying to send a transaction to nodes with an unsolicited transaction queue of 5,000 per peer.

The attacker floods the victim with a large number of transactions using the lowest transaction fee rate. The victim then advertises these transactions to his peers and the peers try to drain the queue by requesting these transactions. If the attacker can queue de over 5,000 transactionsthe attack may be successful.

Technically, the low overflow attack accelerates the interaction of electronic nodes with Bitcoin Core's default MAX_PEER_TX_ANNOUNCEMENTS, causing incoming transactions to exceed this threshold.