Atlas21
  • ‎
No Result
View All Result
Atlas21
No Result
View All Result
Atlas21
Home Bitcoin

BTCPay Server: new vulnerability found in LNbank plugin

Newsroom by Newsroom
January 4, 2024
in Bitcoin
btcpay server
Share on FacebookShare on TwitterShare on Linkedin

The plugin that enables accepting Lightning payments without the need for one’s own node is being discontinued due to two vulnerabilities identified within a few days.

BTCPay Server, the open-source software enabling Bitcoin payments, allows the development and addition of advanced features through an external plugin system.

LNbank is an external plugin that enables an administrator of a BTCPay Server instance to become the custodian of funds for users of that instance, allowing them to receive and send Lightning transactions easily without the need for their own node.

Two bugs in two weeks

In just over two weeks, two severe vulnerabilities were found in LNbank, leading Dennis Reimann, the developer of the plugin, to halt the development of LNbank.

The first bug, allowing the withdrawal of liquidity from the Lightning node of a BTCPay Server instance administrator, resulted in the loss of funds for some users. One user lost 4 BTC.

On December 25th, the BTCPay Server team identified a second vulnerability in version 1.9.0 of the plugin.

🚨A critical security vulnerability has been found in LNbank, external plugin v1.9.0.

To mitigate, all users using this plugin are urged to update immediately.

LNbank plugin is also being phased out in 1.9.2.

More information: https://t.co/WtIhYeB2xg pic.twitter.com/4sWdlozDtA

— BTCPay Server (@BtcpayServer) December 26, 2023

To mitigate the issue, the BTCPay Server team urges all users employing the LNbank plugin to update immediately with the newly released version.

Version 1.9.2 addresses the vulnerability in question and completely disables the transaction sending functionality.

Despite the update, Dennis Reimann has stated that version 1.9.2 will be the last version of LNbank, advising all users of the plugin to gradually phase out its usage, especially on an instance allowing open registration.

The two vulnerabilities found impact only users utilizing the LNbank plugin. Users who have not enabled it are unaffected and do not need to take any specific actions.

Previous Post

Not just Bitcoin: Argentina will also consider transactions completed with food as valid

Next Post

What is the passphrase?

Latest News

stablecoin
Crypto

The digital ruble and the digital euro are the same prison with different walls

by Federico Rivi
July 3, 2026
0

Moscow and Frankfurt speak different languages but are building the same architecture: programmability, transaction surveillance, abolition of monetary privacy.

Read moreDetails
criptovalute
Industry

Russia to roll out the digital ruble at scale by September

by Newsroom
July 3, 2026
0

The Bank of Russia's timeline moves the digital ruble from pilot to national monetary infrastructure, with direct implications for the...

Read moreDetails
Jeff Booth: Bitcoin is a protocol, not an asset
Bitcoin

Jeff Booth: Bitcoin is a protocol, not an asset

by Newsroom
July 2, 2026
0

The distinction between store of value and monetary protocol determines, according to Booth, the very fate of the network over...

Read moreDetails
La Fed pubblica i primi dati dello studio sui pagamenti 2025
Industry

Fed releases first data from the 2025 payments study

by Newsroom
July 2, 2026
0

The Federal Reserve's triennial study captures a system digitalising under state stewardship: whoever controls payment infrastructure data controls the currency.

Read moreDetails
Raccontare Bitcoin tramite l’arte
Feature

The Fed’s independence is a legal fiction

by Federico Rivi
July 1, 2026
0

The SCOTUS rulings of 29 June 2026 on independent agencies reveal that the American central bank has always been, in...

Read moreDetails
Atlas21

© 2026 Atlas21

Navigate Site

  • Editorial Policy
  • Cookie Policy
  • Privacy Policy
  • Team

Follow Us

No Result
View All Result
  • Bitcoin 101
    • What Is Bitcoin? A Complete Guide
    • Bitcoin Security: A Complete Guide
    • Bitcoin Privacy: A Complete Guide
    • Lightning Network: A Complete Guide
    • Bitcoin Mining: A Complete Guide
    • Advanced Bitcoin: A Technical Guide
  • Learn
  • Latest News
  • Interviews
  • Opinion
  • Feature
  • B2B Services
  • About Us
  • Contacts

© 2026 Atlas21

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site, we will assume that you are happy with it.