July 7, 2020 Jul 7, 2020 New paper highlights possible ‘Flood & Loot’ attacks on the Lightning Network.

A new academic paper from researchers at The Hebrew University of Jerusalem has highlighted the Lightning Network’s vulnerability to so-called ‘Flood & Loot’ attacks. The paper explores the potential for attackers to close multiple channels on the second layer network at once, in turn preventing the accurate settling of debts and theoretically allowing said attackers to steal user funds. Although the authors did offer mitigation strategies for the attack they ultimately concluded that many of the exploited vulnerabilities were due to the foundational architecture of the Network, specifically the use of hash time-locked contracts (HTLCs).