A Bitcoin Core programming error opens the door for attackers to steal funds in transactions between the Lightning network and the main chain. For this reason, Bitcoin Core developers urge Lightning node users or app users on other BTC transfer platforms to update their software as soon as possible to the latest versions of Bitcoin Core.
According to information provided by developer Eugene Siegel through Delving Bitcoin, "while most of the network has been updated to at least version 22.0, there are still a few thousand stragglers, so it is expected that this Disclosure will motivate those running Lightning nodes to upgrade to a more secure version.” The disclosure of this bug was done responsibly almost 3 years ago, during which time engineers and developers worked on the fix without disclosing the information publicly to prevent anyone from using the information maliciously.
Specifically, the bug allows an attacker to find a Lightning Network relay node that connects to a Bitcoin relay node running a version of Bitcoin Core prior to v22. “The attacker opens many separate connections to the victim's Bitcoin node. The attacker then attempts to deliver the newly found blocks to the victim faster than any honest peer, resulting in the victim node automatically assigning attacker-controlled peers to all high-width compact block relay slots. “bandwidth of the victim,” explains the Bitcoin Optech team.
After the attacker gains control over a large number of pairs of the victim's Bitcoin slots, he uses the channels he controls on both the mainnet and the victim's Lightning network to forward the payments he creates.
In one of the potential cases described, the attacker teams up with a Bitcoin miner to create a block that unilaterally closes the Lightning payment channel on the recipient's side, without retransmitting the transaction in an unconfirmed state (this miner assistance only It is necessary when attacking a Lightning implementation that monitors the mempool for transactions).
That transaction block, or another block created by the miner, also claims payment by releasing the HTLC preimage (the temporary contract required to redeem funds being exchanged in Lightning). What happens next is that the victim's Bitcoin node sees the block and transmits it to their Lightning node, to extract the preimage, allowing them to claim the payment amount from the spender's side.
“However, in this case, the attacker uses this revealed block locking attack to prevent the Bitcoin Core node from knowing the blocks containing the preimage,” comments the Bitcoin Optech team.
The deadlock attack takes advantage of previous versions of Bitcoin Core being willing to wait up to 10 minutes for a peer to deliver a block it announced before requesting that block from another peer. Given an average of 10 minutes between blocks, that means an attacker controlling x connections can delay a Bitcoin node receiving a block for about the time it takes to produce x blocks. If the resend payment must be claimed within 40 blocks, an attacker controlling 50 connections may have a reasonable chance of preventing the Bitcoin node from seeing the block containing the preimage until the spending node can receive a refund of the payment. If that happens, the attacker's spending node paid nothing and the attacker's receiving node received an amount taken from the victim's node.
This is not the first time that the Bitcoin Core team has made a responsible disclosure about a programming error in the network's main client, which is corrected. Earlier in version 24 of the software errors were found in the wallet and they were corrected.