Lightning Community Points ‘Emergency Hot Fix’ after LND Nodes Fail to Sync
Lightning Community, a layer 2 protocol that allows sooner Bitcoin transactions, has issued an emergency sizzling repair liberate to patch a trojan horse on the network.
The repair, posted to GitHub on Tuesday by Lightning Labs’ infrastructure engineer Oliver Gugger, addressed the unsynced nodes. The trojan horse had unsynced Lightning Community Daemon (LND) nodes – plump implementation Lightning Community nodes that comrpise btcd, bitcoind, and neutrino.
A pseudonymous developer known as Burak situation off off the trojan horse, then alerted the community by sharing a block explorer hyperlink to the transaction that caused it.
Burak had encoded a message at some stage in the transaction that caused the destroy in node consensus: “you’ll flee cln. and you’ll be chuffed.” CLN refers to Core Lightning – a brand new modular Lightning implementation.
Several folks faulted Baruk for not disclosing the trojan horse to the team responsibly. “The ethical thing to invent is to [make] a vulnerability disclosure to the Lightning Labs team in situation of taking down [the] majority of the nodes in the network,” tweeted Synonym CTO Reza Bandegi.
One other tweeter, Anthony Cities, mentioned he noticed the identical trojan horse two weeks ago and urged a member of the Lightning Labs team, elevating questions as as to whether or not it could personal been prevented.
Chaincode Labs engineer Pieter Wuille mentioned that fixing the trojan horse with out elevating suspicion would personal been anxious to drag off, making it a anxious resolution for the Lightning Crew.
Lightning Labs CEO Elizabeth Stark additionally tweeted her disapproval with Burak’s disclosure. “I don’t accept as true with the kind taken,” she mentioned.
“We acknowledge there became one other trojan horse exploited by cooperating with miners, which became clearly not mammoth, and mounted it within ~2 hours,” tweeted Stark, regarding one other LND trojan horse which became exploited on Oct. 9 by the identical particular person.
Stark mentioned that Lightning Labs became engaged on a trojan horse bounty program that may maybe well well pay out for responsible disclosures.
Source credit : unchainedcrypto.com
