Powered by

Bitcoin developer warns Lightning Network is flawed and likely vulnerable to DoS attacks


Bitcoin maximalists have long counted on the Lightning Network and its off-chain transaction solution to fix the network’s increasing scaling issues and exorbitant transfer costs – but it seems this dream might not be as close to reality as the blockchain community wishes.

Bitcoin Core developer Peter Todd has taken to Twitter to share his first impressions from playing around with the Lightning testnet and the results are not particularly encouraging, to say the least.

Among other things, Todd reported that C-lightning – the Lightning Network implementation written in C – runs into segmentation faults pretty frequently and “when it’s not crashing payments fail more often than not.”

For those unfamiliar, so-called ‘segfaults’ occur when poorly written programs falsely attempt to access memory locations that are otherwise out of scope – or have been modified to be accessed in a forbidden way, like writing to a read-only property.

One of the reasons for such hurdles is that Lightning was written in C – a programming language Todd argues might not have been the best fit for the task at hand. By contrast, he suggested Rust fits the intended function of the network much closer.

The developer further noted that the current iteration of the Android-based Eclair wallet for Lightning is also flawed and could lead to a loss of funds.

More worryingly though, Todd went on to predict the Lightning protocol could very well “prove to be vulnerable to DoS [denial of service] attacks in its current incarnation.” According to the cryptographer, this poses danger to both the peer-to-peer as well as the blockchain level of the project.

Instead, Todd contended, Lightning should have opted for a more centralized approach to setting up its payment channels.

Responding to criticism that Lightning is already centralized, Todd said that it “is obviously a decentralized protocol” in its current form. However, he critiqued their approach for “biting off more than they can chew by going for the moon shot of a fully decentralized protocol first.”

One thing to mention is that Lightning is still a work in progress. In fact, the company has repeatedly warned non-technical users against toying around with its solution until it is more commercially-ready.

Co-founded by Joseph Poon and Thaddeus Dryja, Lightning was conceived as an additional layer to the Bitcoin blockchain that leverages a network of many small nodes to facilitate cheap, fast, and private transactions – a much-needed off-chain alternative to Bitcoin’s congested network.

Meanwhile, Bitcoin continues to struggle with high transaction fees and slow transactions – though the network is admittedly much more stable now than it was a couple of months back.

Indeed, Bitcoin.org (not to be mistaken with the Bitcoin Cash-associated Bitcoin.com) recently updated its website to reflect this reality.

Correction: This piece wrongly named Lightning Labs co-founders, Elizabeth Stark and Olaoluwa Osuntokun, as the creators of the Lightning Network. We’ve corrected this inaccuracy and apologize for the mistake.

Published February 27, 2018 — 13:46 UTC