Lightning Network ‘Helplessly Broken’ Against Quantum Computers, Warns Udi Wertheimer

Lightning Network is structurally vulnerable as its public keys are shared, which makes funds exposed to post-quantum attacks, Wertheimer claimed in his recent post.

Crypto analyst and Taproot developer Udi Wertheimer has stated that the Lightning Network is fundamentally vulnerable in a post-quantum scenario and claimed that its design leaves user funds exposed in ways that cannot be mitigated under current assumptions.

According to Wertheimer, the core issue stems from how public and private keys function in cryptocurrency systems. While traditional cryptography relies on the idea that private keys cannot be derived from public keys, he explained that sufficiently advanced quantum computers, which are known as cryptographically relevant quantum computers (CRQCs), could break this assumption by calculating private keys directly from public ones.

Lightning’s Weak Spot

In most on-chain Bitcoin usage, users can reduce exposure by avoiding address reuse, which helps keep public keys from being exposed unnecessarily. However, Wertheimer argued that this defense does not apply to the Lightning Network, where public keys must be shared as part of its basic operation.

Lightning relies on payment channels, which are essentially multi-signature arrangements between two parties. To open and maintain these channels, participants exchange public keys with counterparties. As a result, these keys are not only exposed but also stored by third parties, sometimes without users fully knowing who controls the infrastructure behind their channels.

As such, if any entity holding these public keys gains access to a CRQC, or if such data is leaked to an entity that does, then private keys could be derived without user interaction, thereby enabling the theft of funds. Wertheimer further claimed that such an attack would not require the high-speed quantum capabilities often discussed in theoretical scenarios, as there would be no need to intercept transactions in real time.

Instead, attackers could work offline using already available public key data. The problem is compounded by the opaque nature of Lightning infrastructure, where LN service providers can operate anonymously. This can leave users unable to assess how securely their data is handled.

The developer noted that even best practices within the Bitcoin ecosystem do not address this risk, as Lightning’s requirement for key sharing cannot be avoided. He went on to add that this makes the network “helplessly broken” in a quantum context, since no changes at the Lightning layer alone can resolve the issue.

You may also like:

Addressing the issue would require Bitcoin’s core protocol to adopt a quantum-safe cryptographic method. No such changes have been carried out so far. Until such changes occur, Lightning balances remain exposed and could be compromised once quantum technology advances enough to take advantage of these built-in weaknesses.

Google’s Warning

Wertheimer’s remarks come just days after Google’s team released a white paper detailing the potential risks posed by advanced quantum systems to cryptocurrencies. The report stated that a sufficiently powerful quantum computer could break the private keys of Ethereum’s 1,000 largest wallets in under nine days, putting over 20 million ETH at risk.

Later, Blockstream outlined measures being taken to protect Bitcoin from these threats. The firm revealed implementing post-quantum cryptography on its Liquid sidechain to allow users to create contracts that require quantum-resistant signatures to spend funds.

This strategy does not alter Bitcoin’s core protocol but instead adds protection at the contract level using Blockstream’s Simplicity smart contract language. The research also identified four main risks for sidechains – forged transaction signatures, forged block signatures, vulnerabilities in confidential transactions, and attacks on mechanisms that transfer assets between chains.