Paper 2022/1735

BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts

Xianrui Qin, University of Hong Kong
Shimin Pan, University of Hong Kong
Arash Mirzaei, Monash University
Zhimei Sui, Monash University
Oğuzhan Ersoy, Radboud University, Delft University of Technology
Amin Sakzad, Monash University
Muhammed F. Esgin, Monash University, CSIRO’s Data61
Joseph K. Liu, Monash University
Jiangshan Yu, Monash University
Tsz Hon Yuen, The University of Hong Kong

Payment Channel Hub (PCH) is a promising solution to the scalability issue of first-generation blockchains or cryptocurrencies such as Bitcoin. It supports off-chain payments between a sender and a receiver through an intermediary (called the tumbler). Relationship anonymity and value privacy are desirable features of privacy-preserving PCHs, which prevent the tumbler from identifying the sender and receiver pairs as well as the payment amounts. To our knowledge, all existing Bitcoin-compatible PCH constructions that guarantee relationship anonymity allow only a (predefined) fixed payment amount. Thus, to achieve payments with different amounts, they would require either multiple PCH systems or running one PCH system multiple times. Neither of these solutions would be deemed practical. In this paper, we propose the first Bitcoin-compatible PCH that achieves relationship anonymity and supports variable amounts for payment. To achieve this, we have several layers of technical constructions, each of which could be of independent interest to the community. First, we propose $\textit{BlindChannel}$, a novel bi-directional payment channel protocol for privacy-preserving payments, where {one of the channel parties} is unable to see the channel balances. Then, we further propose $\textit{BlindHub}$, a three-party (sender, tumbler, receiver) protocol for private conditional payments, where the tumbler pays to the receiver only if the sender pays to the tumbler. The appealing additional feature of BlindHub is that the tumbler cannot link the sender and the receiver while supporting a variable payment amount. To construct BlindHub, we also introduce two new cryptographic primitives as building blocks, namely $\textit{Blind Adaptor Signature}$(BAS), and $\textit{Flexible Blind Conditional Signature}$. BAS is an adaptor signature protocol built on top of a blind signature scheme. Flexible Blind Conditional Signature is a new cryptographic notion enabling us to provide an atomic and privacy-preserving PCH. Lastly, we instantiate both BlindChannel and BlindHub protocols and present implementation results to show their practicality.

Available format(s)
Publication info
Published elsewhere. Major revision. IEEE S&P 2023
Contact author(s)
xrqin @ cs hku hk
smpan @ cs hku hk
arash mirzaei @ monash edu
zhimei sui1 @ monash edu
oguzhan ersoy @ ru nl
amin sakzad @ monash edu
Muhammed Esgin @ monash edu
joseph liu @ monash edu
jiangshan yu @ monash edu
thyuen @ cs hku hk
2023-11-22: last of 12 revisions
2022-12-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Xianrui Qin and Shimin Pan and Arash Mirzaei and Zhimei Sui and Oğuzhan Ersoy and Amin Sakzad and Muhammed F. Esgin and Joseph K. Liu and Jiangshan Yu and Tsz Hon Yuen},
      title = {BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1735},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.