Cryptology ePrint Archive: Report 2019/328

On the Difficulty of Hiding the Balance of Lightning Network Channels

Jordi Herrera-Joancomartí and Guillermo Navarro-Arribas and Alejandro Ranchal-Pedrosa and Cristina Pérez-Solà and Joaquin Garcia-Alfaro

Abstract: The Lightning Network is a second layer technology running on top of Bitcoin and other Blockchains. It is composed of a peer-to-peer network, used to transfer raw information data. Some of the links in the peer-to-peer network are identified as payment channels, used to conduct payments between two Lightning Network clients (i.e., the two nodes of the channel). Payment channels are created with a fixed credit amount, the channel capacity. The channel capacity, together with the IP address of the nodes, is published to allow a routing algorithm to find an existing path between two nodes that do not have a direct payment channel. However, to preserve users' privacy, the precise balance of the pair of nodes of a given channel (i.e. the bandwidth of the channel in each direction), is kept secret. Since balances are not announced, second-layer nodes probe routes iteratively, until they find a successful route to the destination for the amount required, if any. This feature makes the routing discovery protocol less efficient but preserves the privacy of channel balances. In this paper, we present an attack to disclose the balance of a channel in the Lightning Network. Our attack is based on performing multiple payments ensuring that none of them is finalized, minimizing the economical cost of the attack. We present experimental results that validate our claims, and countermeasures to handle the attack.

Category / Keywords: applications / Bitcoin; Blockchain; Network Security; Off-chain payments channels; Lightning Network

Original Publication (in the same form): ASIACCS

Date: received 26 Mar 2019, last revised 23 Jul 2019

Contact author: jordi herrera at uab cat

Available format(s): PDF | BibTeX Citation

Version: 20190723:080208 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]