Cryptology ePrint Archive: Report 2021/855

Donner: UTXO-Based Virtual Channels Across Multiple Hops

Lukas Aumayr and Pedro Moreno-Sanchez and Aniket Kate and Matteo Maffei

Abstract: Payment channel networks are a promising solution to the scalability issues of current decentralized cryptocurrencies. They allow arbitrarily many payments between any two users connected through a path of intermediate payment channels while minimizing interaction with the blockchain only to open and close those channels. Yet, compromised intermediaries may make payments unreliable, slower, expensive, and privacy-invasive. Virtual channels mitigate these issues by allowing the two endpoints of a path to create a channel over the intermediaries such that after the channel is constructed, the intermediaries are no longer involved in payments. Unfortunately, existing UTXO-based virtual channel constructions are either limited to a single intermediary or only recursively build a virtual channel over multiple intermediaries. While the former single-hop channels are overly restrictive, the latter recursive constructions introduce issues such as forced closure and virtual griefing attacks.

This work presents Donner, the first virtual channel construction over multiple intermediaries in a single round of communication. We formally define the security and privacy in the Universal Composability framework and show that Donner is a realization thereof. Our experimental evaluation shows that Donner reduces the on-chain number of transactions for disputes from linear in the path length to a single one. Moreover, Donner reduces the storage overhead from logarithmic in the path length to constant. Donner is an efficient virtual channel construction that is backward compatible with the prominent, 50K channels strong Lightning network.

Category / Keywords: cryptographic protocols / blockchain, security, privacy, payment channel networks, virtual channels, Bitcoin, Lightning Network

Date: received 23 Jun 2021

Contact author: lukas aumayr at tuwien ac at

Available format(s): PDF | BibTeX Citation

Version: 20210624:145156 (All versions of this report)

Short URL: ia.cr/2021/855


[ Cryptology ePrint archive ]