TechFlow news — SlowMist founder Yu Xian stated on the X social platform that the Lightning Network's replacement cycling attack is somewhat similar to a sandwich attack in MEV, where an attacker front-runs and back-runs the victim to extract funds from the targeted party.
This type of attack is not easy to exploit and requires the following conditions:
Opening two channels with the victim;
Routing a payment through one of these two channels;
Successfully replacing the HTLC-timeout blocks of the victim's HTLC;
The victim fails to detect the HTLC preimage transaction.
Prior to this vulnerability being fixed, projects using the Lightning Network should remain cautious when establishing upstream and downstream channels. It is recommended to establish channels only with reputable counterparties to reduce the risk of being sandwiched. Further testing and validation are still required.





