The end of Lightning Network?

[alani123]

Antoine Riard, one of the core Lightning Network developers publicly announced his resignation from the project, citing some serious concerns.



This puts some serious doubt on the future of lightning and the viability of it as a scaling solution.
What are your thoughts? Is there a path of recovery for developing scaling solutions?
And how about the years of waiting and supposed progress of development on the lightning network? Does it all go to waste?
For many, lightning network was the go to solution to bircoin's scaling issues.

[Kruw]

Peter Todd mentioned potential fixes requiring soft forks on the mailing list - https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-October/022042.html

Shinobi says that the problem can be solved just with a few tweaks - https://twitter.com/brian_trollz/status/1715743794098753952

Lightning is not dead, and this is getting silly as shit at this point. The solution to this issue is as simple as extending timelocks and rebroadcasting transactions regularly with a slight fee bump, or just handling pre-signed TXes in a different way.

The sky isn't falling.

[mk4]

Not sure why some people are calling it dead already.

1. While he's a core dev, he's definitely not the only dev

2. Lightning has never been perfect. But while it technically works, it's simply not ready yet. There's a reason why I never recommended it to normies yet as of yet. But, let's not forget that —

3. Software can be improved

[AHOYBRAUSE]

Not sure why some people are calling it dead already.

1. While he's a core dev, he's definitely not the only dev

2. Lightning has never been perfect. But while it technically works, it's simply not ready yet. There's a reason why I never recommended it to normies yet as of yet. But, let's not forget that —

3. Software can be improved

Exactly.
Why even speculate about that when 1 person is leaving the team.

Sure lightning didn't have as much success as it once was hoping for, after all it started very promising. I also never really used it, just tried it out for a split second. The idea behind it is great but it still needs a lot of improvement to be done in the near future fur it to actually succeed.

[Kemarit]

And from what I understand, they have known it already since 2022. And it require some technical know how to be able to pull this one out successful. So far the exploits haven't been seen in the wild.

Obviously, he is not the only developer, so it this has been found out already, a patch can be made. Just a matter of time.

So the future still looks bright for LN, this is just another bump in the road, and just like any other softwares, there could be bugs to be fixed.

[yhiaali3]

The resignation of one developer does not mean the death of the Bitcoin Lightning Network. It will certainly have a negative impact, especially since there have been many years of waiting, but let us hope that this is not actually the end.

Yes, the Lightning network was the perfect solution to the problems of scaling Bitcoin for many, but unfortunately it did not gain the necessary widespread popularity and remained limited to a few Bitcoin fans, perhaps because Lightning is not as easy to use as the regular Bitcoin network.

I hope that the years of waiting and development will not be wasted without any benefit, but unfortunately the Lightning Network, although it gave everyone high hopes, was faltering from the beginning and it appears that the problems are greater than the solutions it provides.

[adaseb]

While this is a disappointment you need to understand that Lightning network is pretty new tech and new tech is usually full of bugs. Look how many hacks are happening on the ethereum network every couple of weeks. So this is understandable. The fact is that it will get fixed as long as the soft fork passes.

Soft forks are very controversial with bitcoin, remember Segwit? So hopefully there will be enough consensus and after we patch all the bugs and holes, we can run the new code and all is well. And keep in mind this is just LN not Bitcoin itself.

[Solosanz]

franky1 will happy to see lightning network is dead

As been mentioned by above users if lightning network is new and Riad isn't the only one developer in this project, similar like Satoshi disappeared and many developers are still develop Bitcoin.

So if you want to use lightning network due to it's cheap fee, you should only use or hold small amount of money, hold the most in on chain.

[thecodebear]

What exactly is the issue with LN the dev is talking about?

[davis196]

What exactly is the issue with LN the dev is talking about?

Somebody, who is an expert in LN should explain to us the problem in a simple and easy to understand way.
What are "replacement cycling attacks"? Most of the people here aren't experts.
1.AFAIK, the Lighting Network is a centralized offchain solution and it will always remain centralized.
2.The Lightning Network isn't user-friendly at all. There's plenty of room for improvement in making LN more user-friendly.
3.This guy is simply a developer. He is not "the CEO of Lighting Network". He mentioned in his post that there are senior LN developers.
There's no need to make clickbait forum titles about "the end of LN".

[pooya87]

Antoine Riad, one of the core Lightning Network developers publicly announced his resignation from the project, citing some serious concerns.

Since I'm not familiar with LN at a technical level I can't comment on the technical matter, however I would like to remind everyone that this is not the first time someone acts like this.
There have been a couple of them in the short time Bitcoin has existed like Mike Hearn, one of the main Bitcoin developers who basically called bitcoin dead as he left the project back in 2016 while referring to Bitcoin as "a failed experiment". We are 7 years later and Bitcoin is going even stronger.

From Jan 14, 2016

the network is on the brink of technical collapse.

[cygan]

the developer @mononautical has published the following 4 slides on twitter (x) to go into more detail about the whole thing. the whole mechanism around the newly discovered vulnerability is a bit more difficult to understand. under the link below he gives us (in several tweets) a detailed insight into the whole story



https://twitter.com/mononautical/status/1715736832950825224

[hugeblack]

In most cases, you will not get a technical answer here. Ask again in the technical department or https://bitcoin.stackexchange.com/, but if a project fails due to the departure of one developer, then the project is a failure. In addition, the Lightning Network is one of the second network solutions to solve the scalability problem, and there are many side networks.

franky1 will happy to see lightning network is dead

I was looking for his reply, it seems he hasn't read the thread yet.

[tbct_mt2]

Antoine Riad, one of the core Lightning Network developers publicly announced his resignation from the project, citing some serious concerns.

Bitcoin is open source and it can be developed by many developers.

Did Bitcoin network stopped or Bitcoin Core wallet software stopped its development after Satoshi Nakamoto disappeared years ago?

In reality, Bitcoin has been continuing its growth and Bitcoin Core has been developed with many more versions after Satoshi Nakamoto disappearance.

Antoine Riad is only one of developers and thanks to his contributions so far, good luck to him in future with his new journey but Bitcoin Lightning Network will not die because of this decision to resign.

[franky1]

LN has alot more flaws then this.
but when it comes to them on another network making demands to need a bitcoin network fork, just to make their network work. it shows their network has bigger problems they cant even resolve themselves on their own network
the issue at hand of this particular flaw it to force bitcoin miners to reject a new softfork transaction format if it uses a expiry that has passed. BUT thus needing a hard fork upgrade on the bitcoin network to ensure its enforced, bitcoin has become easy to let in soft nonsense, unchecked data.. but to strengthen the rules to reject transactions of a certain format requires a hard fork

some of them wanted work arounds like having centralised services to manage funds or watch for abuses. but these do not help the decentralisation promise..
the great thing about code is you can write your own rules on their own network, but if their code has a problem. putting a plaster on it or asking another network to provide them a feature, just shows their are problems at their root

they have became too lax about their scripts. where they have not thought about security, but instead malleability. having a mindset that everything should be soft and not hard has meant many people can find exploits. and even if they try to fork bitcoin to add in a output deadline. it wont fix the issues, there are many other scripting exploits people can use to perform the same attack, the latest one relates to how participants of p2tr do not know all the scripting conditions of all methods to spend. they just blindly sign a part not realising that part can be used against them

i am not going to explain all the flaws(giving scammers ammo) nor logical fixes due to simply not liking their network so they dont deserve help. but atleast now the flaws are starting to get noticed.. best suggestion .. start afresh and use a different payment system model.. make a subnetwork that actually meets its 6yo promises

there are millions of people that tried LN and experienced its flaws and instead moved over to other subnetworks. this is not just one guy leaving. but just a notable guy of millions leaving

i might actually respect core devs again if they made a subnetwork that is truly functional without having to mess with bitcoins rules just to fit. because messing with bitcoins rules has made bitcoin soft. and thats something we should not allow, just to populate someone elses network

[Baofeng]

What exactly is the issue with LN the dev is talking about?

Somebody, who is an expert in LN should explain to us the problem in a simple and easy to understand way.
What are "replacement cycling attacks"? Most of the people here aren't experts.
1.AFAIK, the Lighting Network is a centralized offchain solution and it will always remain centralized.
2.The Lightning Network isn't user-friendly at all. There's plenty of room for improvement in making LN more user-friendly.
3.This guy is simply a developer. He is not "the CEO of Lighting Network". He mentioned in his post that there are senior LN developers.
There's no need to make clickbait forum titles about "the end of LN".

Actually it's very technical, that's why no one even attempted to do this exploit.

In any case, here is the paper, author by Antoine Riad himself - https://github.com/ariard/mempool-research/blob/2023-10-replacement-paper/replacement-cycling.pdf

[Catenaccio]

I hope I will see drops of #open channels and sum of channels value. 
https://txstats.com/d/000000012/lightning-network?orgId=1&from=1517011200000&to=1698019199000

[garlonicon]

but to strengthen the rules to reject transactions of a certain format requires a hard fork

Why? Rejecting transactions is not a problem in any soft-fork. Accepting more transactions than usual is a problem.

Imagine an extreme soft-fork, that would reject all transactions, and would allow only coinbase transactions. Peter Todd described it there, it is perfectly valid soft-fork: https://petertodd.org/2016/forced-soft-forks

Which means, adding any kind of "expiration" to the transaction is not a problem at all. You have a node, you receive a transaction, you see "Oh, it's five o'clock! That's all for today!", and then you simply reject that transaction. And then, if most nodes do the same thing, then you cannot send transactions after 5 PM, because it is a soft-fork rule, and if some miner will include it anyway, then the soft-forked network will reject that block. And if soft-fork has 51%, then it becomes a consensus rule.

But yes, the hardest way to reject a transaction, is to include a double-spend. Then, all other transactions, spending the same coins, will be always rejected in the future, because of already existing network rules.

the latest one relates to how participants of p2tr do not know all the scripting conditions of all methods to spend. they just blindly sign a part not realising that part can be used against them

Yes, of course. If you sign a TapScript branch with any OP_SUCCESS, it can be always used to attack. The same will happen, if some soft-fork will not reach 51%. And yes, signing a blind TapScript branch is stupid, because it could be just "OP_TRUE" or even simply "<attackerKey> OP_CHECKSIG". In general, it is the first time, when OP_SUCCESS was introduced, and it can be painful to prove, that "there is no OP_SUCCESS".

but atleast now the flaws are starting to get noticed

Yes, it seems some things are getting more and more soft. And that process will continue. It started with soft-forks, instead of hard-forks, and soon we will reach another stage: no-forks, instead of soft-forks. People will start building more and more stuff, without going through soft-fork signalling, and all of that. The most recent case was Ordinals, that could be somewhat-safe if deployed as a soft-fork, but was deployed as a completely unsafe no-fork instead.

best suggestion .. start afresh and use a different payment system model.. make a subnetwork that actually meets its 6yo promises

Well, you can always start with unidirectional payment channels, and just disable routing. Then, if Alice has 1 BTC, and Bob has nothing, Alice can give more and more coins into Bob, but she cannot take any coins from him. And then, everything is simple: if you sent some signed transaction, then you passed some coins. It is irreversible. Bob will always get the last transaction, because it gives him the most coins. That model meets all assumptions, but has one drawback: it requires more on-chain transactions than LN, so it will not be deployed. But the funny thing is that some Bitcoin ATM operators supported that proposal more than LN.

i might actually respect core devs again if they made a subnetwork that is truly functional without having to mess with bitcoins rules just to fit

You can deploy payment channels, that I described above, even without Segwit. The only thing you need is to eliminate malleability. And you don't even need multisig, because Paillier Homomorphic Encryption can do the trick even on P2PK: https://duo.com/labs/tech-notes/2p-ecdsa-explained

[DaveF]

I put this in the same pile as the Wormhole attack discussed here: https://bitcointalk.org/index.php?topic=5466886
Yes it can be done, but the cost and effort are so high as to not be worth it.

There are a lot of ways to attack BTC and the Lightning Network. Most of them are so esoteric / expensive / just about impossible to implement as to not be worth it.

Want to destroy LN or at least set it back years and years? Heck I can do that for you for less then BTC20000 / $600 million USD
As of now LN has about 5500BTC in it.
Just start spinning up nodes and connecting to other nodes and charge 0 fees. Just keep adding and adding and adding.
People will connect to you, you connect to others and soon just about every lowest cost route is running thought you.
There are people who have 10+ connections to other nodes but they are all yours.

But you now have 45000 nodes which is 3x as many as there are now and those 20000 BTC are all in LN so you own control 75% of the LN. Probably take about a year and everyone would be amazed at it's growth. Then you come in one morning and close all the channels to nodes that are not yours at once. Insane high fees so they are all in the next hundred blocks. Then when you have time you close the channels between your nodes, sit back and watch the chaos.

But, nobody has done it.

So worrying about some other attack that requires some extreme programming and other things is not a real worry.

-Dave

[garlonicon]

Then you come in one morning and close all the channels to nodes that are not yours at once.

Why? You can just turn off your nodes. You don't have to close those channels. Let your users do that, so they will start betting, by closing their channels in panic, and setting higher and higher on-chain fees, and reaching levels, where a proper fee to get it included in the next block, will reach the holy "1000 satoshis per virtual byte" limit, or will exceed the amount locked in the channel.

And then, your side would be clear. Being offline is less serious crime than closing the channels by yourself, even if the final outcome is exactly the same. It is sad, that LN can be attacked just by being offline, but it is true, and many attacks can be done in this way.