Blockstream developer Rusty Russell has revealed more details about the Lightning Network vulnerability, which first became known in late August.
As Russell wrote, the vulnerability arose during the creation and replenishment of its channels. In particular, when creating a channel, the recipient did not need to verify the transaction output amount used to replenish the channel or use the scriptpubkey script, which allows you to verify that certain conditions are met before spending the output...
This post is supported by @tipU upvote funded by @andhovesyan :)
@tipU voting service + profit sharing tokens | For investors.