Paper 2017/820

Concurrency and Privacy with Payment-Channel Networks

Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, and Srivatsan Ravi

Abstract

Permissionless blockchains protocols such as Bitcoin are inherently limited in transaction throughput and latency. Current efforts to address this key issue focus on off-chain payment channels that can be combined in a Payment-Channel Network (PCN) to enable an unlimited number of payments without requiring to access the blockchain other than to register the initial and final capacity of each channel. While this approach paves the way for low latency and high throughput of payments, its deployment in practice raises several privacy concerns as well as technical challenges related to the inherently concurrent nature of payments, such as race conditions and deadlocks, that have been understudied so far. In this work, we lay the foundations for privacy and concurrency in PCNs, presenting a formal definition in the Universal Composability framework as well as practical and provably secure solutions. In particular, we present Fulgor and Rayo. Fulgor is the first payment protocol for PCNs that provides provable privacy guarantees for PCNs and is fully compatible with the Bitcoin scripting system. However, Fulgor is a blocking protocol and therefore prone to deadlocks of concurrent payments as in currently available PCNs. Instead, Rayo is the first protocol for PCNs that enforces non-blocking progress (i.e., at least one of the concurrent payments terminates). We show through a new impossibility result that non-blocking progress necessarily comes at the cost of weaker privacy. At the core of Fulgor and Rayo is Multi-Hop HTLC, a new smart contract, compatible with the Bitcoin scripting system, that provides conditional payments while reducing running time and communication overhead with respect to previous approaches. Our performance evaluation of Fulgor and Rayo shows that a payment with 10 intermediate users takes as few as 5 seconds, thereby demonstrating their feasibility to be deployed in practice.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. ACM Conference on Computer and Communications Security (CCS) 2017
DOI
10.1145/3133956.3134096
Keywords
Payment-Channel NetworkBitcoinScalabilityPrivacyConcurrency
Contact author(s)
malavolta @ cs fau de
History
2017-09-06: revised
2017-08-31: received
See all versions
Short URL
https://ia.cr/2017/820
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/820,
      author = {Giulio Malavolta and Pedro Moreno-Sanchez and Aniket Kate and Matteo Maffei and Srivatsan Ravi},
      title = {Concurrency and Privacy with Payment-Channel Networks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/820},
      year = {2017},
      doi = {10.1145/3133956.3134096},
      url = {https://eprint.iacr.org/2017/820}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.