Paper 2020/774

Timelocked Bribing

Majid Khabbazian, Tejaswi Nadahalli, and Roger Wattenhofer

Abstract

A Hashed Time Lock Contract (HTLC) is a central concept in cryptocurrencies where some value can be spent either with the preimage of a public hash by one party (Bob) or after a timelock expires by another party (Alice). We present a bribery attack on HTLC's where Bob's hash-protected transaction is censored by Alice's timelocked transaction. Alice incentivizes miners to censor Bob's transaction by leaving almost all her value to miners in general. Miners follow (or refuse) this bribe if their expected payoff is better (or worse). We explore conditions under which this attack is possible, and how HTLC participants can protect themselves against the attack. Applications like Lightning Network payment channels and Cross-Chain Atomic Swaps use HTLC's as building blocks and are vulnerable to this attack. Our proposed solution uses the hashpower share of the weakest known miner to derive parameters that make these applications robust against this bribing attack.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. Financial Cryptography and Data Security 2021
Keywords
bitcoinHTLCbribeminer extractable value
Contact author(s)
tejaswin @ ethz ch
History
2021-02-01: last of 2 revisions
2020-06-24: received
See all versions
Short URL
https://ia.cr/2020/774
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/774,
      author = {Majid Khabbazian and Tejaswi Nadahalli and Roger Wattenhofer},
      title = {Timelocked Bribing},
      howpublished = {Cryptology ePrint Archive, Paper 2020/774},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/774}},
      url = {https://eprint.iacr.org/2020/774}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.