So a lot of noise has been made around the Lightning vulnerability recently disclosed by Antoine Riard. Many people are claiming the sky is falling, that Lightning is fundamentally broken, and nothing could be further from the truth. I think part of the problem is that people don’t really understand how this vulnerability works, firstly, and secondly many people don’t understand how this individual vulnerability overlaps with other known issues on the Lightning Network that have known solutions.
So first, let’s go through and try to understand the vulnerability itself. When a Lightning payment is routed across the network, one thing that is key to understand is how the timelocks for refunding a failed payment work. The hop closest to the receiver has a timelock of ‘x’, and every hop going back to the sender has one of ‘x+1’, ‘x+2’, and so on. The timelocks get progressively longer as you go each hop from the receiver back towards the sender. The reason for this is that if a payment re
We współpracy z: https://bitcoinmagazine.com/technical/postmortem-on-the-lightning-replacement-cycling-attack
