Critical Security Update for Casa Nodes - September 10, 2019
Update your Casa Node to keep your funds secure
A security vulnerability that affects all Lightning nodes (not just Casa Nodes) has been disclosed. Today, it was announced that the vulnerability affects LND v0.7, which was previously thought to be secure. Since Casa Nodes are running LND v0.7, we are releasing an update that upgrades Casa Nodes to LND v0.7.1, which is safe from the vulnerability.
Please update your node immediately to ensure that you are not at risk. The security vulnerability includes the potential for loss of funds, so it is critical that you run this update. Further details will be disclosed about this vulnerability on Friday September 27, 2019 - please update before then.
What's the vulnerability?
The details about the vulnerability haven't been publicly announced yet. This gives everyone time to update their node before the actual exploit is published.
How do I know if I have the update?
When the update is available, you'll see a notification for it on your Casa Node dashboard. After updating, the notification will disappear, and you're good to go. You can check out this support article to see screenshots of the update process.
Where can I read more about this issue?
We have an official security disclosure post here, which we will update as more details are released about the vulnerability. Full details are scheduled to be released on Friday September 2017, 2019.