We strongly encourage Lightning network contract operators who use LND releases prior to the October 1 Update to version 0.11 to upgrade as soon as a vulnerability is discovered that affects LND version 0.10 and below.

The vulnerability became known on October 9th in a statement issued by Lightning Conner Fromknecht engineer, Head of Cryptography Engineering at Lightning Labs. Menknecht like this:

“While we have no reason to believe these vulnerabilities are being exploited in the wild, we are urging the community to migrate to 1.11.0 or higher as quickly as possible.”
So far, few details have been revealed, with Fromknecht assuring that the vulnerabilities will be fully revealed on October 20.

This isn’t the first time a Lightning Network vulnerability has been discovered. Last year, Chief Technology Officer Olaoluwa Osuntokun of Lightning Labs confirmed that common vulnerabilities and exclusions (CVEs) are “exploited in nature”.

Earlier this year, researchers warned of privacy issues on the Lightning Network that could reveal financial information about anonymous Bitcoin transactions.

Lightning Labs, Blockstream, and ACINQ are currently the three main teams working on the development of the Lightning Network.

Source: CoinTelegraph

LEAVE A REPLY