Discovered a way to attack LN custodian services
Discovered a way to attack LN custodian services

Discovered a way to attack LN custodian services

By Marco Cavicchioli - 21 Sep 2021

Chevron down

A Reddit user has posted what may be a way to attack custodial services on the Lightning Network. 

The post reveals how satoshis could be stolen from these services. 

The attack on the custodial services on Lightning Network

The key point is the discrepancy between the free or fixed transaction fees offered by these services, and the actual fees of the LN network. This discrepancy may be exploited to make a profit. 

However, a distinction must be made between non-custodial LN wallets, against which it is simply not possible to launch such an attack, and custodial wallets. Of these, the author of the post claims to have attacked Bitfinex, OKEx, Muun, WalletOfSatoshi, LNMarkets and Southxchange. 

The attack consisted trivially of a satoshi deposit into these custodial services, and a subsequent withdrawal, but only after a node had been placed between the custodial service and the receiving node so that payments could be routed. 

In this way, the routing node positioned in the middle collects a fee that may be large enough to generate a net profit. 

If an overall positive net return can be generated, then the amount of fees collected and the speed rate of the transaction can be optimized to continue to steal satoshis to the detriment of custodial services with free, or fixed but very low, fees.

The attack is not so easy to carry out because inserting the routing node in the middle is not a procedure that everyone can do, but it seems that it is not particularly difficult for experts. 

Bitcoin Lightning Network
No hack ok Lightning network

Not a hack

The strange thing is that multiple services were vulnerable to such a simple attack. 

Now that this is known, the custodial services that might be affected can easily take cover by simply raising their fees, which will in any case remain extremely low. 

This is not a hack, but merely the exploitation of an imprudent commercial policy by some custodial services offered by some intermediaries. The flaw does not affect non-custodial wallets at all. 

For the time being, Lightning Network seems to be working very well, but it has only been around for a relatively short time and may still reveal some vulnerabilities in the future. Caution is advised in its use, and in particular the use of not particularly large amounts of money, since on-chain transactions are still the most appropriate. 


Marco Cavicchioli

Born in 1975, Marco has been the first to talk about Bitcoin on YouTube in Italy. He founded and the Facebook group" Bitcoin Italia (open and without scam) ".

We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.