Bitcoinâs lightning network is growing âincreasingly centralized,â making it more susceptible to attacks, asserts a new paper by security researchers.
Seen as a potential solution to bitcoinâs scaling headaches, lightning is a payment network allowing for speedier and cheaper transactions. Partly to make lightning more robust, developers and researchers have been trying to spot holes in the network.
Released earlier this month, the paper âLightning Network: a second path towards centralisation of the Bitcoin economyâ (by researchers Jian-Hong Lin, Kevin Primicerio, Tiziano Squartini, Christian Decker and Claudio J. Tessone) concludes that lightning has an âunequal wealth distributionâ with a smaller percentage of nodes on the network gradually accumulating a larger proportion of bitcoin (BTC).
Specifically, the researchers found that 10 percent of the nodes control 80 percent of funds on the network. The situation, they caution, creates room for disruption. If most of the bitcoin is held mostly on a few nodes, this could make the network more vulnerable to attacks because removing these routing nodes would leave gaping holes. âRemoving hubs leads to the collapse of the network into many components⦠suggesting that this network may be a target for the so-called split attacks,â potentially leading to lightning being divided in half.Â
To be sure, engineer Christian Decker, a lightning engineer at bitcoin tech startup Blockstream and one of the paperâs authors, said he is not worried about this state of affairs lasting.
This trend toward centralization is âlikely temporary,â he tweeted. He and other lightning developers are âworking to make it easier for operators to build redundancies into the network.âÂ
The researchers analyzed how the global network of nodes used for sending payments from place to place has evolved over time, by combing through a series of snapshots of the network over a period of 18 months.
On the lightning network, a payment might need to hop across several nodes to reach its destination. Most nodes passively sit at the edge of the network to send or receive a payment.
But ârouting nodesâ in the middle are doing the heavy lifting of passing payments across the network on behalf of others. If they want, they can charge a small fee for their services.
The researchers looked at these intermediary nodes and found a smaller portion of them are starting to shepherd a higher percentage of payments.
Decker added that itâs not surprising more casual users arenât running routing nodes on the network.
âWe canât (and shouldnât) force users to invest the time and effort to run a routing node in the network, the best we can do is lower the barriers to do so, and maybe automate. Weâre not there yet, it is not very surprising that most stable nodes are run by few tech-savvy people,â he tweeted.
But he hopes running a routing node is at least easy enough for a power user with some extra timwe to set up without racking up major expenses.
âAs long as a hobbyist with some knowledge can set up a node and actively compete with the other operators in the network, I think we have achieved our goal,â he added.
In a similar what-could-go-wrong exercise, Hebrew University researchers released a paper this week showing how to execute a âcongestion attackâ on the lightning network, making it tough to send payments.Â
This hypothetical attack costs only about $4,000 at press time to significantly disrupt the network.
âOur results show that it is possible to disrupt the Lightning Network by locking most of its liquidity using less than half a bitcoin,â the paper reads.
Broadly, Decker sees this type of research as an important part of hardening the payment system.
âWe believe in publicly discussing both upsides as well as downsides of our protocol, and the network. Only this way we [can] make progress,â he wrote. âAnything else would be marketing, and thatâs not the business weâre in.â
