Paper 2020/554

Bitcoin-Compatible Virtual Channels

Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, and Siavash Riahi

Abstract

Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders further adoption. Payment channels are one of the most promising solutions to address these problems, as they allow the parties of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment channel networks where a path of payment channels is used to settle the payment between two users that might not share a direct channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment), and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels (IEEE S\&P'19), which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was so far considered an open challenge. In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a scripting language supporting only a digital signature scheme and a timelock functionality, being thus backward compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for n sequential payments, they require an off-chain exchange of 9+2n transactions or a total of 3524+695n bytes, with no on-chain footprint in the optimistic case. This is a substantial improvement compared to routing payments in a payment channel network, which requires 8n transactions with a total of 3026n bytes to be exchanged.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.IEEE S&P 2021
Keywords
bitcoinblockchain protocolsvirtualizationpayment channel networks
Contact author(s)
andreas erwig @ tu-darmstadt de
siavash riahi @ tu-darmstadt de
History
2021-04-14: revised
2020-05-15: received
See all versions
Short URL
https://ia.cr/2020/554
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/554,
      author = {Lukas Aumayr and Oguzhan Ersoy and Andreas Erwig and Sebastian Faust and Kristina Hostáková and Matteo Maffei and Pedro Moreno-Sanchez and Siavash Riahi},
      title = {Bitcoin-Compatible Virtual Channels},
      howpublished = {Cryptology ePrint Archive, Paper 2020/554},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/554}},
      url = {https://eprint.iacr.org/2020/554}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.