- The Liquid Network, a side-chain settlement net for faster Bitcoin transactions, faced a bug issue made public by developer James Prestwich.
- Approximately, $16 million Bitcoin could have been stolen with minimal authorization.
- The CEO of Blockstream, Adam Back, assured that the funds are safe and secure.
The Liquid Network, a side-chain settlement net for faster Bitcoin transactions, faced a bug issue made public by developer James Prestwich. Approximately, $16 million Bitcoin could have been stolen with minimal authorization. However, the CEO of Blockstream, Adam Back, assured that the funds are safe and secure. They are trying to find out a solution via the DynaFed update. The Liquid Federation has been working continuously to come out with a patch anytime soon.
The timelock issue
The functionary HSMs and servers malfunctioned due to bug issues. Timelocks refreshed before expiry, however, in this case, they refreshed after expiry. E.g. a timelock on UTXO (870 BTC) expired for 40 minutes.
According to reports, approximately 2000 UTXOs affected over the past 18 months. The bug made use of the inconsistency parameters and bypassed the multisig security model. It requires a minimum of 11 signatures out of 15 to complete a transaction. The bug brought down the signatures required to 2 or 3 which compromised millions of Bitcoins on the Liquid Network.
Company response and solutions on Bug
The CEO admitted that it’s a known issue but a remedy could not be provided due to various reasons. He assured of a workaround that would solve the problem temporarily. The digital currencies on the network were free from an outside attack as the bug could benefit only the employees of the firm.
There are possibilities of downtime while a patch deployed on any network. Earlier in the year, it wasn’t possible to deploy the same due to the small number of Bitcoin present on the network. A permanent fix in the form of DynaFed has been doing the rounds for a long time.
The update will help expand the number of functionaries and reassign the emergency keys. The timelock period extended to provide safety to Bitcoin users. The organization also assures better communication practices when dealing with adverse situations like these. A public Blockstream Help Center is in the making to address issues found out on the network.