Paper 2019/778

A Composable Security Treatment of the Lightning Network

Aggelos Kiayias and Orfeas Stefanos Thyfronitis Litos


The high latency and low throughput of blockchain protocols constitute one of the fundamental barriers for their wider adoption.Overlay protocols, notably the lightning network, have been touted as the most viable direction for rectifying this in practice. In this work we present for the first time a full formalisation and security analysis of the lightning network in the (global) universal composition setting that takes into account a global ledger functionality for which previous work [Badertscher et al., Crypto’17] has demonstrated its realisability by the Bitcoin blockchain protocol. As a result, our treatment delineates exactly how the security guarantees of the protocol depend on the properties of the underlying ledger. Moreover, we provide a complete and modular description of the core of the lightning protocol that highlights precisely its dependency to underlying basic cryptographic primitives such as digital signatures, pseudorandom functions, identity-based signatures and a less common two-party primitive, which we term a combined digital signature, that were originally hidden within the lightning protocol’s implementation.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. CSF 2020
blockchainscalabilityuniversal compositionlayer 2
Contact author(s)
o thyfronitis @ ed ac uk
akiayias @ inf ed ac uk
2022-02-17: last of 4 revisions
2019-07-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Aggelos Kiayias and Orfeas Stefanos Thyfronitis Litos},
      title = {A Composable Security Treatment of the Lightning Network},
      howpublished = {Cryptology ePrint Archive, Paper 2019/778},
      year = {2019},
      doi = {10.1109/CSF49147.2020.00031},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.