Bitcoin has long been criticized for the low number of transactions the network can process in a given time. To overcome this problem, various solutions have been created, including Liquid. Unfortunately, the centralization of the sidechain created by Blockstream seems to pose problems.
As we saw in the introduction, the Liquid Network is the response imagined by Blockstream to the scalability problem of Bitcoin. Indeed, the Bitcoin network can only process a limited number of transactions per second. What is more, in times of high usage, transaction costs can reach exorbitant amounts.
Thus, Liquid is a sidechain. A sidechain is a blockchain that exists in parallel with another blockchain, in our case in parallel with Bitcoin. Users can transfer BTCs there which will be converted to Liquid BTC (L-BTC) at a rate of 1: 1. These L-BTCs can then be exchanged or transferred to the Liquid blockchain without overloading the Bitcoin blockchain.
Unlike Bitcoin, this channel is not secured by miners, but by trusted operators. This design has led to a lot of criticism of the centralization of the network.
The exposed model
On Friday night, developer James Prestwich posted a Twitter thread regarding a surprising event on the Liquid network.
Looks like the liquid emergency 2-of-3 operators can steal 870 Bitcoin because this TXO has aged 2015 blocks?
cc @notgrubles https://t.co/rLwkdIuHYu
— James Prestwich (@_prestwich) June 25, 2020
Thus, operators of the Liquid network would have “stolen” 870 BTC ( $ 8 million), since the transaction was 2015 blocks old.
“For just under and hour, the emergency 2-of-3 controlled 870 Bitcoin this violates liquid’s security model we know about this because liquid holds Bitcoin” Said Prestwich on Twitter.
Unfortunately – and this is due to the design of Liquid – it is impossible to know the reasons for this “seizure”:
“We don’t know what caused it, because liquid federation behavior is trusted and closed.” He added
Obviously, the reactions were not long in coming. Adam Back said this was a known problem, but not resolved due to the COVID-19 crisis:
“This is a known issue. the coins are auto-swept forward as part of the HSM peg process. funds are safe as keys are offline and geo-distributed. we were planning to address via HSM upgrade, which is a manual hands on process for security, but covid lock-downs made that difficult. ” He replied
Whether or not the “flaw” is known, this does not change criticisms of the Liquid network. Long presented as a “ trustless ” network, the truth could be quite different: operators can access funds as they see fit. Bad news for the sidechain similar to the Lightning Network.