## Cryptology ePrint Archive: Report 2020/554

Bitcoin-Compatible Virtual Channels

Lukas Aumayr and Oguzhan Ersoy and Andreas Erwig and Sebastian Faust and Kristina Hostáková and Matteo Maffei and Pedro Moreno-Sanchez and Siavash Riahi

Abstract: Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders their large scale adoption. Payment channels are one of the most promising solutions to address these problems, as they allow two end-points of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment-channel networks where a path of payment channels is used to settle the payment between two users that might not share a channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment) and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels, which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was considered so far an open challenge.

In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a script language supporting only a digital signature scheme and a timelock functionality, being thus backwards compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework, and prove that our protocol constitutes a secure realization thereof. We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for $n$ sequential payments, they require an off-chain exchange of $11+2\cdot(n-1)$ transactions or a total of $4219+695\cdot(n-1)$ bytes, with no on-chain footprint in the optimistic case.

Category / Keywords: cryptographic protocols / bitcoin, blockchain protocols, virtualization, payment channel networks

Date: received 12 May 2020, last revised 12 May 2020

Contact author: siavash riahi at tu-darmstadt de

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2020/554

[ Cryptology ePrint archive ]