Antoine Riard, a security researcher and developer who exposed a vulnerability in the Lightning Network, Bitcoin’s scaling layer, has clarified this vulnerability is not an “intentional backdoor,” addressing statements made on social media. Riard stressed the problem had been known since 2022 and called on mainstream outlets to do responsible reporting on this issue.
Lightning Network Developer Clarifies Exposed Vulnerability Is No ‘Intentional Backdoor’
Antoine Riard, a security researcher and developer who recently exposed a vulnerability in Bitcoin’s Lightning Network, a scaling layer, clarified several points on the issue. In an email, Riard blasted social media reports that called the vulnerability an “intentional backdoor,” explaining the situation has been known in some circles since 2022.
Riard stated:
The security flaws are not ‘intentional backdoor’ or whatever misrepresentation that would question the competence and know-how of the Bitcoin and Lightning development community.
While he acknowledged that the mitigations already in place serve to harden the ecosystem against what he called “simple” or “medium attacks” and that more sophisticated attacks would involve preparation and sufficient P2P (peer-to-peer) and mempool knowledge, Riard stressed that changes at the bitcoin base layer might be the most “substantial” fix to this problem.
Responsible Journalism and Social Media Battles
In addition, Riard called for mainstream crypto sites and individual journalists to do responsible reporting on the issue, given the nature of current media distribution.
On this issue, Riard detailed:
If you’re a journalist reporting on the information in mainstream crypto publications, I’ll suggest waiting to do so before expert reporters of bitcoin circles who have more in-field knowledge can do so and qualify the technical situation with more distance.
Riard also stated that he was not on any social media app due to the “nature of the electronic communication and contemporaneous media,” which allows the propagation of sensitive information where “mitigations are still in deployment.” He concluded by stating that he’ll further comment on this issue if the information flow keeps hampering the ability of the community to discuss the fixes for this issue in a “responsible and constructive fashion.”
Many have started to criticize — and support — the feasibility of the changes needed to fix the Lightning Network. Samourai Wallet, a privacy-focused BTC wallet, declared that “the only change required to the base layer should be to permanently and irrevocably send the lightning network to the dustbin of history where it belongs.”
On the other hand, Jameson Lopp, co-founder and CTO of Casa, invited people to take advantage of this vulnerability. “If folks are so sure about the severity of a weakness, they’re free to exploit it! Go on, enrich yourselves, my node is waiting!” he added.
What do you think about the buzz awakened by the recently disclosed Lightning Network vulnerability? Tell us in the comments section below.