Paper 2020/774

Timelocked Bribing

Majid Khabbazian, Tejaswi Nadahalli, and Roger Wattenhofer


A Hashed Time Lock Contract (HTLC) is a central concept in cryptocurrencies where some value can be spent either with the preimage of a public hash by one party (Bob) or after a timelock expires by another party (Alice). We present a bribery attack on HTLC's where Bob's hash-protected transaction is censored by Alice's timelocked transaction. Alice incentivizes miners to censor Bob's transaction by leaving almost all her value to miners in general. Miners follow (or refuse) this bribe if their expected payoff is better (or worse). We explore conditions under which this attack is possible, and how HTLC participants can protect themselves against the attack. Applications like Lightning Network payment channels and Cross-Chain Atomic Swaps use HTLC's as building blocks and are vulnerable to this attack. Our proposed solution uses the hashpower share of the weakest known miner to derive parameters that make these applications robust against this bribing attack.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.Financial Cryptography and Data Security 2021
bitcoinHTLCbribeminer extractable value
Contact author(s)
tejaswin @ ethz ch
2021-02-01: last of 2 revisions
2020-06-24: received
See all versions
Short URL
Creative Commons Attribution


      author = {Majid Khabbazian and Tejaswi Nadahalli and Roger Wattenhofer},
      title = {Timelocked Bribing},
      howpublished = {Cryptology ePrint Archive, Paper 2020/774},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.