BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts

Xianrui Qin; Shimin Pan; Arash Mirzaei; Zhimei Sui; Oğuzhan Ersoy; Amin Sakzad; Muhammed F. Esgin; Joseph K. Liu; Jiangshan Yu; Tsz Hon Yuen

Paper 2022/1735

BlindHub: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts

Xianrui Qin

, University of Hong Kong

Shimin Pan, University of Hong Kong

Arash Mirzaei, Monash University

Zhimei Sui, Monash University

Oğuzhan Ersoy, Radboud University, Delft University of Technology

Amin Sakzad, Monash University

Muhammed F. Esgin, Monash University, CSIRO’s Data61

Joseph K. Liu, Monash University

Jiangshan Yu, Monash University

Tsz Hon Yuen, The University of Hong Kong

Abstract

Payment Channel Hub (PCH) is a promising solution to the scalability issue of first-generation blockchains or cryptocurrencies such as Bitcoin. It supports off-chain payments between a sender and a receiver through an intermediary (called the tumbler). Relationship anonymity and value privacy are desirable features of privacy-preserving PCHs, which prevent the tumbler from identifying the sender and receiver pairs as well as the payment amounts. To our knowledge, all existing Bitcoin-compatible PCH constructions that guarantee relationship anonymity allow only a (predefined) fixed payment amount. Thus, to achieve payments with different amounts, they would require either multiple PCH systems or running one PCH system multiple times. Neither of these solutions would be deemed practical. In this paper, we propose the first Bitcoin-compatible PCH that achieves relationship anonymity and supports variable amounts for payment. To achieve this, we have several layers of technical constructions, each of which could be of independent interest to the community. First, we propose $\textit{BlindChannel}$, a novel bi-directional payment channel protocol for privacy-preserving payments, where {one of the channel parties} is unable to see the channel balances. Then, we further propose $\textit{BlindHub}$, a three-party (sender, tumbler, receiver) protocol for private conditional payments, where the tumbler pays to the receiver only if the sender pays to the tumbler. The appealing additional feature of BlindHub is that the tumbler cannot link the sender and the receiver while supporting a variable payment amount. To construct BlindHub, we also introduce two new cryptographic primitives as building blocks, namely $\textit{Blind Adaptor Signature}$(BAS), and $\textit{Flexible Blind Conditional Signature}$. BAS is an adaptor signature protocol built on top of a blind signature scheme. Flexible Blind Conditional Signature is a new cryptographic notion enabling us to provide an atomic and privacy-preserving PCH. Lastly, we instantiate both BlindChannel and BlindHub protocols and present implementation results to show their practicality.

Metadata

Available format(s): PDF
Category: Applications
Publication info: Published elsewhere. Major revision. IEEE S&P 2023
Keywords: blockchain mixing Bitcoin
Contact author(s): xrqin @ cs hku hk
smpan @ cs hku hk
arash mirzaei @ monash edu
zhimei sui1 @ monash edu
oguzhan ersoy @ ru nl
amin sakzad @ monash edu
Muhammed Esgin @ monash edu
joseph liu @ monash edu
jiangshan yu @ monash edu
thyuen @ cs hku hk
History: 2023-11-22: last of 12 revisions; 2022-12-17: received; See all versions
Short URL: https://ia.cr/2022/1735
License: CC BY

BibTeX

@misc{cryptoeprint:2022/1735,
      author = {Xianrui Qin and Shimin Pan and Arash Mirzaei and Zhimei Sui and Oğuzhan Ersoy and Amin Sakzad and Muhammed F. Esgin and Joseph K. Liu and Jiangshan Yu and Tsz Hon Yuen},
      title = {{BlindHub}: Bitcoin-Compatible Privacy-Preserving Payment Channel Hubs Supporting Variable Amounts},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1735},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1735}
}