User error leads to 4 BTC loss on Lightning Network

2865
User error leads to 4 BTC loss on Lightning Network

Lightning Network has the potential for massive impact on Bitcoin and the larger crypto space, but its ongoing failures thus far suggest this potential may never be realized.

Earlier today, Reddit user INWHY shared the transcript of a conversation surrounding a catastrophic user error that led to the loss of four bitcoins.

While this is far from the first Lightning Network shortcoming, the issue here represents a Bitcoin loss far greater than what is typically found.

Per the conversation, INWHY issued a command to close out his active nodes after a power outage took his network offline.

What went wrong?

What went wrong?

The Lightning Network is, in essence, a web of A-B payment channels between nodes. After users broadcast funds to the network, they can route their coins across these various channels until it arrives at its destination, no fee required.

In order to take the money back off of the network, users must broadcast an intention to take their nodes offline.

Through this, the current state of supplied and received funds is communicated to other nodes, and the amount assigned to the exiting nodes is returned to the user.

However, if the broadcast closure is done with an account of the network that is dated and does not account for the most recent transactions, connected nodes can flag the activity as erroneous with their updated transaction history as proof.

In this instance, the user leaving the network is forced to forfeit their coins.

When INWHY force closed his nodes, they did so with a transaction backup dated several days prior – likely due to the power outage prohibiting him from procuring a more recent backup.

Other parties with connected nodes flagged the exit, backed by an up-to-date transaction history, and the user had their 4 BTC forfeited.

Bug or feature?

Lightning Network bug or feature?

While it may seem harsh that an erroneous closure yields complete forfeiture of funds, the mechanism is put in place to deter malicious activity.

Should a user make a purchase on the Lightning Network, then close out with a transaction history dated before that purchase, they could, in theory, recover their coins and complete the purchase if no safeguard was implemented.

While effective in deterring cheaters, this system, of course, does not account for user error, and in extreme cases, the zero-tolerance rules system can have massive, unintended consequences at the hand of user error.

An avoidable mistake

While it’s difficult to justify a system where users can lose thousands of dollars when they slip up, it’s important to recognize how avoidable this situation is.

The user was taking advantage of a static backup system. That is, one which records network status when new nodes are created.

Alternately, they could have used a dynamic backup, which updates as transactions are broadcast.

Additionally, there is already a capacity limit of 0.16 BTC per node. In order to lose four Bitcoin, the user had to have been running over two dozen nodes at full capacity.

So, while the situation is unfortunate and serves as yet another example of how far Lightning Network has yet to go, the loss could have been mitigated – if not avoided altogether.