Researchers from the Norwegian University and the Academy of Luxembourg take published a inquiry paper detailing an assault that tin can deanonymize transactions broadcast across Bitcoin's Lightning Network.

The Lightning Network emerged as a controversial compromise from the Bitcoin (BTC) cake limit and scalability fence. Information technology'due south a second layer solution that facilitates well-nigh-instant, low-cost Bitcoin transactions. Proponents claim it offers privacy by implementing segregated witness (SegWit).

University students crack Lightning channel balances

Iv researchers from universities in Kingdom of norway and Luxembourg including Bitcoin, along with Lightning customs developer Ren Pickhardt, contributed to the research. The academics claim to have used transfer routing to 'probe' Lightning channels and discover the sum of Bitcoin held in balances.

The paper describes the 'probe attack' as taking "under a minute per channel" and requiring "moderate capital letter delivery and no expenditures".

Routed transfers exploited to reveal balances

Payments are processed over the Lightning Network, either directly between two parties, or routed — that's where an individual sends funds to a channel they practice not have direct access to via a mutual tertiary-parties.

Past using a myriad of routed transactions on the Bitcoin testnet the researchers were able to reveal channel balances. The assault is about free to execute, with the researchers configuring all transactions underpinning its probing attacks to fail "either due to insufficient balance or due to intentionally wrong hash value."

Solutions accept privacy-efficiency merchandise-offs

The team proposes several potential solutions to the probing attack, nevertheless, emphasize that each possible fix requires a trade-off betwixt privacy and efficiency.

The scholars proposed modifications to Lightning'due south protocol that would reduce transaction efficiency, in improver to new way to broadcast channel balances — although the method undermines privacy.

Ultimately, the researchers argue that a combination of both approaches is the optimal solution — where private data is hidden when feasible, and public data is also utilized for higher routing efficiency.

The Lightning Network currently comprises over xi,000 nodes, 36,000 payment channels, and holds roughly 900 BTC.