Public scan reportRepository
lightningnetwork/lnd
Scanned on Jun 5, 2026
Risk score/ 100
High risk
Summary
The Lightning Network Daemon (lnd) relies heavily on quantum-vulnerable elliptic curve cryptography (ECDSA, secp256k1, ECDH) across critical components including node authentication, channel establishment, and payment routing. One critical finding involves the use of the obsolete 3DES cipher in TLS configuration. The pervasive use of Bitcoin's secp256k1 curve throughout the codebase poses significant quantum computing risks that could compromise channel funds and node identities when large-scale quantum computers become available.
1
18
0
0
Top findings
- Critical3DES / TripleDES
cert/tls.go:14
- Highsecp256k1 (Bitcoin curve)
brontide/fuzz_test.go:14
- HighECDSA
brontide/fuzz_test.go:111
ML-DSA (CRYSTALS-Dilithium) or SLH-DSA (SPHINCS+)
- Highsecp256k1 (Bitcoin curve)
brontide/fuzz_test.go:116
- Highsecp256k1 (Bitcoin curve)
brontide/noise.go:26
+ 14 more findings in the full report
Scan your own repository
Free. Results in ~90 seconds. CBOM + DORA/NIS2 PDF included.