Bitcoin’s Lightning Network found to have security vulnerabilities

Bitcoin’s Lightning Network, an experimental second-layer scaling solution built on top of the Bitcoin Network for quicker fund transfers, has been found to have some security vulnerabilities.

Rusty Russell, an Australian software programmer and a bitcoin lightning coder, tweeted Friday, saying that security issues have been discovered in “various lightning projects which could cause loss of funds.”


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

While Russell did not provide specific details, he said more information will be issued in four weeks.

In the meanwhile, the coder has advised users to upgrade the following affected lightning nodes:

- Common vulnerabilities and exposures (CVE) -2019-12998 c-lightning < 0.7.1
- CVE-2019-12999 lnd < 0.7
- CVE-2019-13000 eclair <= 0.3

The Lightning Network was first proposed in February 2015, and is still very much in its early days with many issues. Over 50 firms are working to bring the network to the mainstream, including Casa, OpenNode and Thor, according to The Block’s research.

About Author

Yogita Khatri is a senior reporter at The Block, covering all things crypto. As one of the earliest team members, Yogita has played a pivotal role in breaking numerous stories, exclusives and scoops. With nearly 3,000 articles under her belt, Yogita holds the records as The Block's most-published and most-read author of all time. Prior to joining The Block, Yogita worked at crypto publication CoinDesk and The Economic Times, where she wrote on personal finance. To contact her, email: [email protected]. For her latest work, follow her on X @Yogita_Khatri5.