Lightning Labs reveals Wumbo channel attack vector

Lightning Labs developer Joost Jager described a micropayment network vulnerability that could lead to compromise of Lightning Network channels at low cost.

Joost Jager said the Lightning Network could attack Wumbo payment channels , which allow for larger transactions on the network and increase transaction volumes. Prior to the addition of Wumbo Channels this summer, users could create channels with a maximum capacity of 0.1677 BTC – this limitation was made as a precautionary measure.

Jager states that Wumbo channels can be exploited by attackers because a channel cannot contain more than 483 hash-locked and time-bound (HTLC) contracts, regardless of its capacity. Thus, the fraudster can send himself 483 micropayments and control the HTLC to disable the channel for up to two weeks.

According to the developer, this can be achieved by using the maximum route length to add channels and more contracts. At the same time, according to Jager’s calculations, the cost of such an attack will be small – about 5.8 million satoshi. The developer noted:


“Using the maximum route length for adding channels, each payment can take up to 9 HTLC slots on the target channel. If the attacker is lucky, he will only need to send 54 payments to reach the target. One tiny channel can knock out double-digit BTC amounts. “


Jager said he launched a new project called Circuit Breaker to address the issue , a firewall for Lightning nodes. Its main purpose is to induce thinking about this attack. According to the developer, the project has the potential to become a full-fledged protection system for Lightning. When asked if this attack is the largest undisclosed attack vector on LN today, he replied :

“It depends on what is considered a major attack vector. There are other attacks that can make you lose money, which seems even worse. But this is one of the biggest problems in terms of the fact that we do not know how to solve it. “

As a reminder, in June, the Lightning Network discovered the possibility of an attack on payment channel chains. In addition, in the spring, researchers from universities in Norway and Luxembourg discovered the possibility of an attack on the Lightning Network. In this case, the balances of the nodes through which the transaction passes can be disclosed.

About author

Experienced Founder with a demonstrated history of working in the newspapers industry. Skilled in Data Research, Management, Investment Research, Teamwork, and Leadership. Influencing the technology, people, and technical analysis of the Cryptocurrency and Blockchain world.
Related posts

PayPal Customers Are Now Allowed To Use Cryptocurrency To Make Payments To Merchants Worldwide


Bitcoin Recovers $56,000: ETH Recovers $1,700 (Observed Over The Weekend)


Vladimir Putin: "we need to stop illegal transactions with digital assets"


Coinbase exchange valued at $ 943 million in preparation for direct listing on Nasdaq

Sign up for our newsletter and stay informed

0 0 votes
Page Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x