Share this article
Researchers Surface Privacy Vulnerabilities in Bitcoin Lightning Network Payments
Privacy holes in the Lightning Network, a bitcoin transaction settlement layer, are leaking payment information.
By Ada Hui
Updated Sep 14, 2021, 8:31 a.m. Published Apr 21, 2020, 8:30 a.m.
New research warns cryptocurrency users the Lightning Network can expose financial information of bitcoin payments thought to be anonymous.
STORY CONTINUES BELOW
A second financial layer, the Lightning Network, was proposed in 2016 to improve the speed, affordability and privacy of bitcoin payments. In an attempt to enhance anonymity, transactions are broadcast off the bitcoin blockchain and routed through encrypted communications.
But according to two academic papers published in March and April, relatively straightforward cyberattacks could unearth balances on the Lightning Network. Authors of the March paper also unraveled pathways and parties of hidden payments.
“The gap between the potential privacy properties of the Lightning Network and the actual ones is large. As it is designed right now, the Lightning Network opens the door for various attacks,” said Ania Piotrowska, a cryptography researcher at the University College London, which collaborated with the University of Illinois at Urbana-Champaign on the March study.
Read more: Bitcoin’s Lightning Network Is Growing ‘Increasingly Centralized,’ Researchers Find
Nodes, building blocks of the Lightning Network, are software gateways that exchange bitcoin via payment channels. Both research teams, the other at the University of Luxembourg and the Norwegian University of Science and Technology, conducted attacks on only public channels. According to a report in January from cryptocurrency exchange BitMEX, 72.2 percent of Lightning Network channels are publicly announced, and 27.8 percent are kept private.
“As Lightning Network gains popularity, it is often touted as an alternative to bitcoin that is not only more scalable but also more private,” said Piotrowska, who also works at cryptocurrency privacy infrastructure startup Nym Technologies. “We felt that it was an interesting research question to study how private Lightning actually is.”
A raft of academic and corporate institutions have taken up Lightning Network development, from the Massachusetts Institute of Technology’s Digital Currency Initiative to bitcoin satellite maker Blockstream, engineering group Lightning Labs and Square Crypto, the cryptocurrency unit of the publicly traded financial technology company Square.
In December, Bitfinex, a high-volume cryptocurrency exchange, opted to let customers trade bitcoin over the Lightning Network.
Three-pronged attack
The American and British researchers, a team of seven, carried out three attacks on the Lightning Network during the months of December, January and February. Two attacks targeted the Lightning Network’s test network and main network to determine balances.
By forwarding payments with fake hashes – unique cryptographic identifiers of transactions – to channels opened with 132 test network nodes and six of the 10 largest main network nodes, the first balance attack accessed the balances of 619 test network channels and 678 main network channels.
The counterfeit payment spamming was stopped when error messages went away, a sign that actual channel amounts had been matched.
Read more: Cannabis Shops Are Using Zap’s Lightning App During Coronavirus Cash Crunch
At the start of the first balance attack, 4,585 test network channels and 1,293 main network channels were trialed from 3,035 test network nodes sharing 8,665 channels and 6,107 main network nodes sharing 35,069 channels.
The second balance attack also discovered the balances of randomly selected main network channels in a process of elimination with error messages. However, payment hashes were routed through two channels the researchers opened with two intermediate channels that sat between one start and one end channel.
Piecing together changes in balances learned from the first two attacks, the third attack constructed snapshots of the Lightning Network at different time intervals to detect payment movements and their senders, recipients and amounts.
“Identifying the sender and recipient means that we identify them according to their public keys and any other information linked to the node,” such as an IP address, a numerical string that tags the location of an electronic device that connects to the internet, she said. Public keys are handed out freely between parties in payment interactions; private keys that are guarded closely and that give ownership access of funds were not extracted.
Piotrowska noted that, owing to ethical concerns, the third attack was performed on a simulation of the Lightning Network.
Attack analysis
Mariusz Nowostawski, a computer scientist at the Norwegian University of Science and Technology and one of four authors of the April paper, said the March paper’s first balance attack is a derivative of “an older, known method” and that the second balance attack, while new, is limited to small-scale attacks.
The second balance attack “requires opening two channels for each single channel being probed, which is extremely costly as those opening and closing channels need to be on-chain,” Nowostawski said. “And it requires the balance in one of the channels to be placed on the side of the node being probed,” risking the attacker’s funds.
Read more: Lightning Solves Bitcoin’s Speed Problem, but Watch Out for Fraudsters
To stave off the loss of funds, an external liquidity service – similar to the Bitrefill liquidity provider used in the March paper attack – needs to fund the channel. Even so, the balance attack falls flat if a channel refuses to accept a channel opening, Nowostawski said.
The balance attack studied by the Luxembourger and Norwegian researchers doesn’t expend resources or rely on intermediate channels, said Nowostawski. The attack is also an error-message-reading algorithm that probes channels, but supposedly on a larger and faster scale that reduces new channel openings, fund lock-up time and contact with the bitcoin blockchain.
Benedikt Bünz, a Stanford University Applied Cryptography Group researcher, called the papers important to privacy in cryptocurrencies.
“For strong and good privacy, cryptographic solutions such as zero-knowledge proofs and confidential transactions are needed,” said Bünz. Zero-knowledge proofs, a cryptographic structure, could facilitate payments that don't leave traces of information behind with another party.
Read both papers below:
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Solana’s Drift Launches v3, With 10x Faster Trades
With v3, the team says that about 85% of market orders will fill in under half a second, and liquidity will deepen enough to bring slippage on larger trades down to around 0.02%.
What to know:
- Drift, one of the largest perpetuals trading platforms on Solana, has launched Drift v3, a major upgrade meant to make on-chain trading feel as fast and smooth as using a centralized exchange.
- The new version will deliver 10-times faster trade execution thanks to a rebuilt backend, marking the largest performance jump the project has made so far.
Top Stories
