Paper 2024/826

Securing Lightning Channels against Rational Miners

Lukas Aumayr, TU Wien, Christian Doppler Laboratory Blockchain Technologies for the Internet of Things
Zeta Avarikioti, TU Wien, Common Prefix
Matteo Maffei, TU Wien, Christian Doppler Laboratory Blockchain Technologies for the Internet of Things
Subhra Mazumdar, Indian Institute of Technology Indore
Abstract

Payment channel networks (e.g., the Lightning Network in Bitcoin) constitute one of the most popular scalability solutions for blockchains. Their safety relies on parties being online to detect fraud attempts on-chain and being able to timely react by publishing certain transactions on-chain. However, a cheating party may bribe miners in order to censor those transactions, resulting in loss of funds for the cheated party: these attacks are known in the literature as timelock bribing attacks. In this work, we present the first channel construction that does not require parties to be online and, at the same time, is resistant to timelock bribing attacks. We start by proving for the first time that Lightning channels are secure against timelock bribing attacks in the presence of rational channel parties under the assumption that these parties constantly monitor the mempool and never deplete the channel in one direction. The latter underscores the importance of keeping a coin reserve in each channel as implemented in the Lightning Network, albeit for different reasons. We show, however, that the security of the Lightning Network against Byzantine channel parties does not carry over to a setting in which miners are rational and accept timelock bribes. Next, we introduce CRAB, the first Lightning-compatible channel construction that provides security against Byzantine channel parties and rational miners. CRAB leverages miners' incentives to safeguard the channel, thereby also forgoing the unrealistic assumption of channel parties constantly monitoring the mempool. Finally, we show how our construction can be refined to eliminate the major assumption behind payment channels, i.e., the need for online participation. To that end, we present Sleepy CRAB the first provably secure channel construction under rational miners that enables participants to go offline indefinitely. We also provide a proof-of-concept implementation of Sleepy CRAB and evaluate its cost in Bitcoin, thereby demonstrating its practicality.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. 31st ACM Conference on Computer and Communications Security (CCS), 2024
Keywords
blockchainsecuritypayment channel networksBitcoinLightning Networkincentive compatiblebribery resistant
Contact author(s)
lukas aumayr @ tuwien ac at
georgia avarikioti @ tuwien ac at
matteo maffei @ tuwien ac at
subhra mazumdar1993 @ gmail com
History
2024-06-19: revised
2024-05-27: received
See all versions
Short URL
https://ia.cr/2024/826
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/826,
      author = {Lukas Aumayr and Zeta Avarikioti and Matteo Maffei and Subhra Mazumdar},
      title = {Securing Lightning Channels against Rational Miners},
      howpublished = {Cryptology ePrint Archive, Paper 2024/826},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/826}},
      url = {https://eprint.iacr.org/2024/826}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.