Rene Pickhardt,Sergei Tikhomirov,Alex Biryukov,Mariusz Nowostawski

DOI: https://doi.org/10.48550/arXiv.2103.08576

2021-03-16

Abstract:The Lightning Network (LN) is a prominent payment channel network aimed at addressing Bitcoin's scalability issues. Due to the privacy of channel balances, senders cannot reliably choose sufficiently liquid payment paths and resort to a trial-and-error approach, trying multiple paths until one succeeds. This leaks private information and decreases payment reliability, which harms the user experience. This work focuses on the reliability and privacy of LN payments. We create a probabilistic model of the payment process in the LN, accounting for the uncertainty of the channel balances. This enables us to express payment success probabilities for a given payment amount and a path. Applying negative Bernoulli trials for single- and multi-part payments allows us to compute the expected number of payment attempts for a given amount, sender, and receiver. As a consequence, we analytically derive the optimal number of parts into which one should split a payment to minimize the expected number of attempts. This methodology allows us to define service level objectives and quantify how much private information leaks to the sender as a side effect of payment attempts. We propose an optimized path selection algorithm that does not require a protocol upgrade. Namely, we suggest that nodes prioritize paths that are most likely to succeed while making payment attempts. A simulation based on the real-world LN topology shows that this method reduces the average number of payment attempts by 20% compared to a baseline algorithm similar to the ones used in practice. This improvement will increase to 48% if the LN protocol is upgraded to implement the channel rebalancing proposal described in BOLT14.

Cryptography and Security

Georgia Avarikioti,Felix Laufenberg,Jakub Sliwinski,Yuyi Wang,Roger Wattenhofer

DOI: https://doi.org/10.48550/arXiv.1811.12740

2018-11-30

Abstract:Micropayment channels are the most prominent solution to the limitation on transaction throughput in current blockchain systems. However, in practice channels are risky because participants have to be online constantly to avoid fraud, and inefficient because participants have to open multiple channels and lock funds in them. To address the security issue, we propose a novel mechanism that involves watchtowers incentivized to watch the channels and reveal a fraud. Our protocol does not require participants to be online constantly watching the blockchain. The protocol is secure, incentive compatible and lightweight in communication. Furthermore, we present an adaptation of our protocol implementable on the Lightning protocol. Towards efficiency, we examine specific topological structures in the blockchain transaction graph and generalize the construction of channels to enable topologies better suited to specific real-world needs. In these cases, our construction reduces the required amount of signatures for a transaction and the total amount of locked funds in the system.

Cryptography and Security,Computer Science and Game Theory

Changting Lin,Ning Ma,Xun Wang,Jianhai Chen

DOI: https://doi.org/10.1016/j.neucom.2019.09.114

IF: 6

2020-01-01

Neurocomputing

Abstract:One of the fundamental problems that hinders the current blockchain systems for industrial use is scalability. Lightning Network has been proposed to address this challenge, which executes massive amount of transactions off-chain via pre-constructed payment channels, and only records the final state when a payment channel is closed. However, current Lightning Network heavily rely on the single path payment. When the payment value exceeds the deposit of each individual path, the customer has to close all the existing payment channels and construct a new one from scratch, which we term as the overload issue. In addition, the single path payment bears the inherent risk of sensitive information (e.g., payment value) leaking.

Ben Weintraub,Satwik Prabhu Kumble,Cristina Nita-Rotaru,Stefanie Roos

2024-05-03

Abstract:The Lightning Network, a payment channel network with a market cap of over 192M USD, is designed to resolve Bitcoin's scalability issues through fast off-chain transactions. There are multiple Lightning Network client implementations, all of which conform to the same textual specifications known as BOLTs. Several vulnerabilities have been manually discovered, but to-date there have been few works systematically analyzing the security of the Lightning Network.

Cryptography and Security

Silvia Bartolucci,Fabio Caccioli,Pierpaolo Vivo

DOI: https://doi.org/10.48550/arXiv.1912.03556

2019-12-08

Abstract:The Lightning Network is a so-called second-layer technology built on top of the Bitcoin blockchain to provide "off-chain" fast payment channels between users, which means that not all transactions are settled and stored on the main blockchain. In this paper, we model the emergence of the Lightning Network as a (bond) percolation process and we explore how the distributional properties of the volume and size of transactions per user may impact its feasibility. The agents are all able to reciprocally transfer Bitcoins using the main blockchain and also - if economically convenient - to open a channel on the Lightning Network and transact "off chain". We base our approach on fitness-dependent network models: as in real life, a Lightning channel is opened with a probability that depends on the "fitness" of the concurring nodes, which in turn depends on wealth and volume of transactions. The emergence of a connected component is studied numerically and analytically as a function of the parameters, and the phase transition separating regions in the phase space where the Lightning Network is sustainable or not is elucidated. We characterize the phase diagram determining the minimal volume of transactions that would make the Lightning Network sustainable for a given level of fees or, alternatively, the maximal cost the Lightning ecosystem may impose for a given average volume of transactions. The model includes parameters that could be in principle estimated from publicly available data once the evolution of the Lighting Network will have reached a stationary operable state, and is fairly robust against different choices of the distributions of parameters and fitness kernels.

Computers and Society,Physics and Society,Statistical Finance

Cosimo Sguanci,Anastasios Sidiropoulos

DOI: https://doi.org/10.1109/ICBC56567.2023.10174926

2024-02-07

Abstract:The Lightning Network (LN) has enjoyed rapid growth over recent years, and has become the most popular scaling solution for the Bitcoin blockchain. The security of the LN relies on the ability of the nodes to close a channel by settling their balances, which requires confirming a transaction on the Bitcoin blockchain within a pre-agreed time period. We study the susceptibility of the LN to mass exit attacks in case of high transaction congestion, in the presence of a small coalition of adversarial nodes that forces a large set of honest users to interact with the blockchain. We focus on two types of attacks: (i) The first is a zombie attack, where a set of k nodes become unresponsive with the goal of locking the funds of many channels for a period of time longer than what the LN protocol dictates. (ii) The second is a mass double-spend attack, where a set of k nodes attempt to steal funds by submitting many closing transactions that settle channels using expired protocol states; this causes many honest nodes to have to quickly respond by submitting invalidating transactions. We show via simulations that, under historically plausible congestion conditions, with mild statistical assumptions on channel balances, both attacks can be performed by a very small coalition. To perform our simulations, we formulate the problem of finding a worst-case coalition of k adversarial nodes as a graph cut problem. Our experimental findings are supported by theoretical justifications based on the scale-free topology of the LN.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Zeta Avarikioti,Tomasz Lizurej,Tomasz Michalak,Michelle Yeo

DOI: https://doi.org/10.48550/arXiv.2306.16006

2023-06-28

Computer Science and Game Theory

Abstract:Payment channel networks (PCNs) are a promising solution to the scalability problem of cryptocurrencies. Any two users connected by a payment channel in the network can theoretically send an unbounded number of instant, costless transactions between them. Users who are not directly connected can also transact with each other in a multi-hop fashion. In this work, we study the incentive structure behind the creation of payment channel networks, particularly from the point of view of a single user that wants to join the network. We define a utility function for a new user in terms of expected revenue, expected fees, and the cost of creating channels, and then provide constant factor approximation algorithms that optimise the utility function given a certain budget. Additionally, we take a step back from a single user to the whole network and examine the parameter spaces under which simple graph topologies form a Nash equilibrium.

Matthias Grundmann,Hannes Hartenstein

DOI: https://doi.org/10.48550/arXiv.2010.08316

2020-10-16

Abstract:Payment channel networks are a highly discussed approach for improving scalability of cryptocurrencies such as Bitcoin. As they allow processing transactions off-chain, payment channel networks are referred to as second layer technology, while the blockchain is the first layer. We uncouple payment channel networks from blockchains and look at them as first-class citizens. This brings up the question what model payment channel networks require as first layer. In response, we formalize a model (called RFL Model) for a first layer below a payment channel network. While transactions are globally made available by a blockchain, the RFL Model only provides the reduced property that a transaction is delivered to the users being affected by a transaction. We show that the reduced model's properties still suffice to implement payment channels. By showing that the RFL Model can not only be instantiated by the Bitcoin blockchain but also by trusted third parties like banks, we show that the reduction widens the design space for the first layer. Further, we show that the stronger property provided by blockchains allows for optimizations that can be used to reduce the time for locking collateral during payments over multiple hops in a payment channel network.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Josip Bozic,Lina Marsso,Radu Mateescu,Franz Wotawa

DOI: https://doi.org/10.4204/EPTCS.268.1

2018-03-28

Abstract:Testing of network services represents one of the biggest challenges in cyber security. Because new vulnerabilities are detected on a regular basis, more research is needed. These faults have their roots in the software development cycle or because of intrinsic leaks in the system specification. Conformance testing checks whether a system behaves according to its specification. Here model-based testing provides several methods for automated detection of shortcomings. The formal specification of a system behavior represents the starting point of the testing process. In this paper, a widely used cryptographic protocol is specified and tested for conformance with a test execution framework. The first empirical results are presented and discussed.

Cryptography and Security,Software Engineering

Mathus Garza,Jesús Andrés

Abstract:The development of decentralized blockchain-based systems has unlocked opportunity in untrusted systems. As more blockchains were created, however, a lack of interoperability became apparent. In response, centralized exchanges facilitating transactions across different blockchains emerged, reintroducing trusted third parties that blockchains were in part created to eliminate. Although blockchain capabilities were promising, their emergence resulted in embezzlement, hacks, and scandals that resulted in significant financial losses. A program allowing for peer to peer cross-chain exchanges would reestablish the decentralized foundation upon which blockchains were built and eliminate the risks associated with centralized exchanges. In this work we extend Lightning Network capabilities and develop a protocol enabling secure peer to peer channels to safely transact across blockchains. The system connects individuals using the Lightning Network’s channel creation functions, and introduces four new channel commands: Price, Compare, Exchange, and Respond. Together, they integrate hashed timelock contracts that introduce peer to peer negotiations and exchange functionality from one blockchain to another. With this functionality in place, individuals gain more control over their own assets and rely less on third parties, reaffirming decentralization throughout the blockchain ecosystem and laying a new foundation for distributed systems to interact with less friction. Thesis Supervisor: Thaddeus Dryja Title: MIT Digital Currency Initiative Research Scientist Thesis Supervisor: Jonathan Ramsay Key Title: Draper Cloud Architecture Group Leader

Computer Science,Business

Mahdi H. Miraz,David C. Donald

DOI: https://doi.org/10.1145/3325917.3325942

2019-06-20

Abstract:Following in the footsteps of pioneer Bitcoin, many altcoins as well as coloured coins have been being developed and merchandised adopting blockchain as the core enabling technology. However, since interoperability and scalability, due to high and capped (in particular cases) transaction latency are deep-rooted in the architecture of blockchain technology, they are by default inherited in any blockchain based applications. Lightning Network (LN) is one of the supporting technologies developed to eliminate this impediment of blockchain technology by facilitating instantaneous transfers of cryptos. Since the potentials of LN is still relatively unknown, this paper investigates the current states of development along with possible non-monetary usage of LN, especially in settlement coloured coins such as securities, as well as creation of new business models based on Lightning Applications (LApps) and microchannel payments as well as micro-trades. The legal challenges that may act as impediment to the adoption of LN is also discussed.

Cryptography and Security

Ahmet Kurt,Kemal Akkaya,Sabri Yilmaz,Suat Mercan,Omer Shlomovits,Enes Erdin

2023-07-20

Abstract:Bitcoin has emerged as a revolutionary payment system with its decentralized ledger concept; however it has significant problems such as high transaction fees and low throughput. Lightning Network (LN), which was introduced much later, solves most of these problems with an innovative concept called off-chain payments. With this advancement, Bitcoin has become an attractive venue to perform micro-payments which can also be adopted in many IoT applications (e.g., toll payments). Nevertheless, it is not feasible to host LN and Bitcoin on IoT devices due to the storage, memory, and processing restrictions. Therefore, in this paper, we propose a secure and efficient protocol that enables an IoT device to use LN's functions through an untrusted gateway node. Through this gateway which hosts the LN and Bitcoin nodes, the IoT device can open & close LN channels and send & receive LN payments. This delegation approach is powered by a threshold cryptography based scheme that requires the IoT device and the LN gateway to jointly perform all LN operations. Specifically, we propose thresholdizing LN's Bitcoin public and private keys as well as its public and private keys for the new channel states (i.e., commitment points). We prove with a game theoretical security analysis that the IoT device is secure against collusion attacks. We implemented the proposed protocol by changing LN's source code and thoroughly evaluated its performance using several Raspberry Pis. Our evaluation results show that the protocol; is fast, does not bring extra cost overhead, can be run on low data rate wireless networks, is scalable and has negligible energy consumption overhead. To the best of our knowledge, this is the first work that implemented threshold cryptography in LN.

Cryptography and Security

Steven Cao,Swanand Kadhe,Kannan Ramchandran

DOI: https://doi.org/10.48550/arXiv.2010.00217

2020-10-01

Abstract:Validating a blockchain incurs heavy computation, communication, and storage costs. As a result, clients with limited resources, called light nodes, cannot verify transactions independently and must trust full nodes, making them vulnerable to security attacks. Motivated by this problem, we ask a fundamental question: can light nodes securely validate without any full nodes? We answer affirmatively by proposing CoVer, a decentralized protocol that allows a group of light nodes to collaboratively verify blocks even under a dishonest majority, achieving the same level of security for block validation as full nodes while only requiring a fraction of the work. In particular, work per node scales down proportionally with the number of participants (up to a log factor), resulting in computation, communication, and storage requirements that are sublinear in block size. Our main contributions are light-node-only protocols for fraud proofs and data availability.

Cryptography and Security

Satwik Prabhu Kumble,Dick Epema,Stefanie Roos

2023-10-06

Abstract:In PCNs, nodes that forward payments between a source and a receiver are paid a small fee if the payment is successful. The fee is a compensation for temporarily committing funds to the payment. However, payments may fail due to insufficient funds or attacks, often after considerable delays of up to several days, leaving a node without compensation. Furthermore, attackers can intentionally cause failed payments, e.g., to infer private information (like channel balances), without any cost in fees. In this paper, we first use extensive form games to formally characterize the conditions that lead to rational intermediaries refusing (or agreeing) to forward payments. A decision made by an intermediary to forward or not depends on the probability of failure, which they approximate based on past experience. We then propose and analyze an alternative fee model that allows the sender to determine and pay a fraction of the fee to intermediaries in a non refundable manner. A rational sender chooses the fraction such that the intermediaries' utility for forwarding the payment exceeds their utility for not forwarding. Our simulation study, based on real world Lightning snapshots, confirms that our novel mechanism can increase the probability of successful payments by 12 percent and decrease routing fees for senders by about 6 percent if all nodes behave rationally. Furthermore, previously cost free probing attacks now require that the attacker pays 1500 satoshis for every 1 million satoshis inferred. Finally, we propose a modification to the Hash Time Locked Contract to enable secure payments of the non refundable fees.

Computer Science and Game Theory,Computational Engineering, Finance, and Science

Igor Konnov,Markus Kuppe,Stephan Merz

DOI: https://doi.org/10.48550/arXiv.2211.07216

2022-11-14

Logic in Computer Science

Abstract:Using an algorithm due to Safra for distributed termination detection as a running example, we present the main tools for verifying specifications written in TLA+. Examining their complementary strengths and weaknesses, we suggest a workflow that supports different types of analysis and that can be adapted to the desired degree of confidence.

Ferenc Beres,Istvan Andras Seres,Andras A. Benczur

DOI: https://doi.org/10.48550/arXiv.1911.09432

2019-11-21

Cryptography and Security

Abstract:Lightning Network (LN) is designed to amend the scalability and privacy issues of Bitcoin. It's a payment channel network where Bitcoin transactions are issued off chain, onion routed through a private payment path with the aim to settle transactions in a faster, cheaper, and private manner, as they're not recorded in a costly-to-maintain, slow, and public ledger. In this work, we design a traffic simulator to empirically study LN's transaction fees and privacy provisions. The simulator relies on publicly available data of the network structure and generates transactions under assumptions we attempt to validate based on information spread by certain blog posts of LN node owners. Our findings on the estimated revenue from transaction fees are in line with widespread opinion that participation is economically irrational for the majority of large routing nodes who currently hold the network together. Either traffic or transaction fees must increase by orders of magnitude to make payment routing economically viable. We give worst-case estimates for the potential fee increase by assuming strong price competition among the routers. We estimate how current channel structures and pricing policies respond to a potential increase in traffic, how reduction in locked funds on channels would affect the network, and show examples of nodes who are estimated to operate with economically feasible revenue. Even if transactions are onion routed, strong statistical evidence on payment source and destination can be inferred, as many transaction paths only consist of a single intermediary by the side effect of LN's small-world nature. Based on our simulation experiments, we quantitatively characterize the privacy shortcomings of current LN operation, and propose a method to inject additional hops in routing paths to demonstrate how privacy can be strengthened with very little additional transactional cost.

Alan Tang,Ryan Beckett,Steven Benaloh,Karthick Jayaraman,Tejas Patil,Todd Millstein,George Varghese

DOI: https://doi.org/10.1145/3603269.3604842

2023-09-21

Abstract:Current network control plane verification tools cannot scale to large networks, because of the complexity of jointly reasoning about the behaviors of all nodes in the network. In this paper we present a modular approach to control plane verification, whereby end-to-end network properties are verified via a set of purely local checks on individual nodes and edges. The approach targets the verification of safety properties for BGP configurations and provides guarantees in the face of both arbitrary external route announcements from neighbors and arbitrary node/link failures. We have proven the approach correct and also implemented it in a tool called Lightyear. Experimental results show that Lightyear scales dramatically better than prior control plane verifiers. Further, we have used Lightyear to verify three properties of the wide area network of a major cloud provider, containing hundreds of routers and tens of thousands of edges. To our knowledge no prior tool has been demonstrated to provide such guarantees at that scale. Finally, in addition to the scaling benefits, our modular approach to verification makes it easy to localize the causes of configuration errors and to support incremental re-verification as configurations are updated.

Networking and Internet Architecture

Kaylash Chaudhary,Ansgar Fehnker,Jaco van de Pol,Marielle Stoelinga

DOI: https://doi.org/10.4204/EPTCS.196.5

2015-11-13

Abstract:Bitcoin is a popular digital currency for online payments, realized as a decentralized peer-to-peer electronic cash system. Bitcoin keeps a ledger of all transactions; the majority of the participants decides on the correct ledger. Since there is no trusted third party to guard against double spending, and inspired by its popularity, we would like to investigate the correctness of the Bitcoin protocol. Double spending is an important threat to electronic payment systems. Double spending would happen if one user could force a majority to believe that a ledger without his previous payment is the correct one. We are interested in the probability of success of such a double spending attack, which is linked to the computational power of the attacker. This paper examines the Bitcoin protocol and provides its formalization as an UPPAAL model. The model will be used to show how double spending can be done if the parties in the Bitcoin protocol behave maliciously, and with what probability double spending occurs.

Logic in Computer Science,Cryptography and Security

Vincent,Emanuele Rossi,Vikash Singh

2024-05-20

Abstract:The Bitcoin Lightning Network is a Layer 2 payment protocol that addresses Bitcoin's scalability by facilitating quick and cost effective transactions through payment channels. This research explores the feasibility of using machine learning models to interpolate channel balances within the network, which can be used for optimizing the network's pathfinding algorithms. While there has been much exploration in balance probing and multipath payment protocols, predicting channel balances using solely node and channel features remains an uncharted area. This paper evaluates the performance of several machine learning models against two heuristic baselines and investigates the predictive capabilities of various features. Our model performs favorably in experimental evaluation, outperforming by 10% against an equal split baseline where both edges are assigned half of the channel capacity.

Machine Learning

Joshua Lind,Oded Naor,Ittay Eyal,Florian Kelbert,Peter Pietzuch,Emin Gun Sirer

DOI: https://doi.org/10.48550/arXiv.1707.05454

2019-10-26

Abstract:Blockchains such as Bitcoin and Ethereum execute payment transactions securely, but their performance is limited by the need for global consensus. Payment networks overcome this limitation through off-chain transactions. Instead of writing to the blockchain for each transaction, they only settle the final payment balances with the underlying blockchain. When executing off-chain transactions in current payment networks, parties must access the blockchain within bounded time to detect misbehaving parties that deviate from the protocol. This opens a window for attacks in which a malicious party can steal funds by deliberately delaying other parties' blockchain access and prevents parties from using payment networks when disconnected from the blockchain. We present Teechain, the first layer-two payment network that executes off-chain transactions asynchronously with respect to the underlying blockchain. To prevent parties from misbehaving, Teechain uses treasuries, protected by hardware trusted execution environments (TEEs), to establish off-chain payment channels between parties. Treasuries maintain collateral funds and can exchange transactions efficiently and securely, without interacting with the underlying blockchain. To mitigate against treasury failures and to avoid having to trust all TEEs, Teechain replicates the state of treasuries using committee chains, a new variant of chain replication with threshold secret sharing. Teechain achieves at least a 33x higher transaction throughput than the state-of-the-art Lightning payment network. A 30-machine Teechain deployment can handle over 1 million Bitcoin transactions per second.

Cryptography and Security