February 5, 2025
Lightning devs must ‘wake up’ and fix security bugs, not please VCs: Bitcoin dev

A former Lightning Network developer believes that developers working on Bitcoin’s Layer 2 Lightning Network are less focused on security and more focused on generating cash flow for investors.

Bitcoin Core developer and security researcher Antoine Riard made headlines last month after leaving the Lightning ecosystem over concerns about a new attack vector called “replacement loops,” which attackers could exploit. Steal funds by targeting payment channels.

At the time, Riard said the new attack put Lighting in a “dangerous position,” although some observers believed

Riard told Cointelegraph that he is now working on the Bitcoin base layer to solve this problem and urged Lightning Network developers to follow suit:

“(They need to) wake up, stop sleepwalking, and get to the whiteboard with other developers at the base layer to design a robust and sustainable fix to keep the Lightning Network decentralized and open in the long term.”

Riard also claims that in an effort to please venture capitalists, many Lightning Network-focused companies are undermining the Lightning Network’s mission and security incentives:

“The sad truth is that most of them work for venture-funded entities or commercial entities with the same low time preference, which causes long-term damage to the end user.”

Riad said this was a classic example of the “tragedy of the commons,” in which individuals and entities with access to public resources act in their own interests and deplete public resources.

Decentralization seems to be a trade-off that these venture-backed Lightning companies are willing to make, and it’s Riard’s main concern.

“Centralized systems are excellent in terms of efficiency, but they also suffer from systemic single points of failure and low user review costs, and these are fundamental risks that Bitcoin enthusiasts may want to hedge against.”

“I’m not sure this is an interesting future for Lightning,” Riad said. In fact, after leaving the Lightning ecosystem on October 20, he wanted no part of it:

“I don’t want to be associated with being responsible for the security of the Lightning Network and the ~5,300 BTC exposed here. There is little (I and others) can do to stop the bleeding without compromising the core value of the Lightning Network being censorship-resistant and permissionless.”

related: Bitcoin Lightning Network grows 1,200% in two years

The Lightning Network is a second-layer solution built on the Bitcoin blockchain.It aims to improve Bitcoin’s scalability and efficiency

Through the Lightning Network, users can open payment channels, conduct multiple off-chain transactions, and settle the final results on the Bitcoin blockchain. Substitution loop attacks are a new type of attack that allow attackers to exploit inconsistencies between various memory pools to steal funds from channel participants.

Cointelegraph reached out to Lightning Labs and other companies in the lighting ecosystem but received no response.

However, despite the security concerns and possible trend toward centralization, Riard explained that the Lightning Network has not suffered as many attacks as Ethereum Layer 2 because Lightning users typically only have wallets in their wallets at any given time. Store small amounts of money.

A total of $194.1 million in BTC is locked in the Lightning Network, according to to DeFiLlama.

Magazine: Should you give your child the “orange pill”?The case for Bitcoin children’s books