Bug freezes bitcoin inside Lightning Network for hours

Listen to this article.

Late on Sunday, researchers discovered a critical validation bug on LND, a popular implementation of Bitcoin’s Lightning Network championed by Lightning Labs.

Specifically, LND’s Bitcoin full node implementation, BTCD, had a bug in its implementation of Taproot. (BTCD is a full node implementation for Bitcoin that’s popular among Lightning Network users.)

The bug affects LND versions 0.15.1 and older. LND urges all users to upgrade to v0.15.2.

The LND bug affected how Lightning nodes functioned and prevented LND users from exiting the layer 2 Lightning Network onto mainnet, layer 1 Bitcoin for a few hours. While the bug was unresolved, LND users couldn’t create or close new Lightning channels.

Massive multi-sig Taproot transaction unveiled the bug

Researchers discovered the LND bug while testing the limits of Bitcoin Scripting Language, a programming language of Bitcoin. They wanted to test an extremely advanced smart contract that required co-authentication by numerous parties.

To accomplish this test, one researcher, Burak, created a large 998-of-999 multi-sig Taproot transaction. This required 998 private key signatures to authenticate sending bitcoin — an extraordinary amount of co-signers.

To put that 998 figure into context, consider that Lightning Network users typically open channels using just 2-of-2 multi-sig transactions.

The 998-of-999 multi-sig Taproot transaction was accepted by testnet block producers. The transaction was later mined in a mainnet Bitcoin block. Then the transaction broke LND.

That transaction confused the method used by LND to calculate what the most recent Bitcoin block was. Specifically, LND was unable to parse a new block due to its faulty library. The following message would appear in error logs: “Unable to complete chain rescan: readScript: script witness item is larger than the max allowed size.”

Lightning Labs immediately began work on an LND bug fix, updating BTCD’s wire parsing library, and planned to release version 0.15.2

Read more: Offline Bitcoin Lightning payments will soon be possible

Highlights the need for cross-implementation watchtower services

After the bug resolution process, researchers began expressing a need for watchtower services that are implementation-agnostic.

This bug only affected LND. LND is a popular implementation of Lightning Network. Other implementations include Éclair and Core Lightning.

Watchtowers are third-party services that monitor the publicly viewable Bitcoin Lightning Network and allow users to seek restitution for misbehavior. Watchtowers could monitor all implementations of Lightning to protect users during outages of any particular implementation.

For example, because most users join Lightning as a 2-of-2 multi-sig transaction, they usually trust one counterparty to not lie about the final balance of bitcoin in each other’s possession when closing the channel and exiting the network onto mainnet Bitcoin.

If someone lies about the bitcoin in their possession when attempting to close a Lightning channel, a user who can prove this lie can publish another, so-called Justice Transaction, and take 100% of the bitcoin in their channel as a reward for catching the lie.

A watchtower that monitors all implementations (LND, Core Lightning, Éclair, etc.) could protect a user during bugs or hacks, allowing them to publish Justice Transactions if anyone tries to steal their money during service outages. There are some small, cross-implementation watchtowers like Eye of Satoshi, but they aren’t widely used.

For more informed news, follow us on Twitter and Google News or listen to our investigative podcast Innovated: Blockchain City.