The Specs Behind Bitcoin’s Lightning Pass Their First ‘Formal’ Security Test

A pair of researchers have released the results of a formal verification of bitcoin’s lightning network.

Lightning is new(ish), experimental, and bugs that could lead to loss of user funds are still being discovered. But even so, the paper – released last month by researchers Aggelos Kiayias and Orfeas Litos from The University of Edinburgh. Kiayias is also the chief scientist for blockchain firm IOHK – brought a dose of good news on the underlying security of the nascent payment network.

To date, lightning hadn’t been tested mathematically by way of formal security, which is a means of establishing how secure a computer science idea is with the help of mathematics. The paper describes the lack of formal verification for lightning’s code specification “a dire state of affairs” since lightning is today used to secure real money — at least $8.5 million.

The paper explains:

“As a result, our treatment delineates exactly how the security guarantees of the protocol depend on the properties of the underlying ledger.”

The process by which they did this is known as formal verification. While it’s a popular in the cryptocurrency space and helpful for determining the security of code, “formal security” is not done on every code program. Because of the deep knowledge required, it’s quite expensive.

‘Rock-solid’ specification

The results are positive, showing that the underlying cryptography piled together to make the payment system work is sound, the researchers argue.

“All the security-critical parts of the system are rock-solid. This was the expected result – many smart people have collaborated to converge to the current incarnation of lightning network,” Litos told CoinDesk.

What does that mean exactly? Litos and Kiayias took a look at lightning network’s specifications, which are the rules every lightning software implementation needs to be able to send payments to the rest of the network.

Litos told…

Source Link