Pisa: Arbitration Outsourcing for State Channels

State channels are a leading approach for improving the scalability of blockchains and cryptocurrencies. They allow a group of distrustful parties to optimistically execute an application-defined program amongst themselves, while the blockchain serves as a backstop in case of a dispute or abort. This effectively bypasses the congestion, fees and performance constraints of the underlying blockchain in the typical case. However, state channels introduce a new and undesirable assumption that a party must remain online and synchronised with the blockchain at all times to defend against execution fork attacks. An execution fork can revert a state channel's history, potentially causing financial damage to a party that is innocent except for having crashed. To provide security even to parties that may go offline for an extended period of time, we present Pisa, the first protocol to propose an accountable third party who can be hired by parties to cancel execution forks on their behalf. To evaluate Pisa, we provide a proof-of-concept implementation for a simplified Sprites and we demonstrate that it is cost-efficient to deploy on the Ethereum network.

[1]  G. Hardin,et al.  Tragedy of the Commons , 1968 .

[2]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[3]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[4]  Mihir Bellare,et al.  Does Encryption with Redundancy Provide Authenticity? , 2001, EUROCRYPT.

[5]  Serge Vaudenay,et al.  The Security of DSA and ECDSA , 2003, Public Key Cryptography.

[6]  Christian Decker,et al.  A Fast and Scalable Payment Network with Bitcoin Duplex Micropayment Channels , 2015, SSS.

[7]  Aniket Kate,et al.  Liar, Liar, Coins on Fire!: Penalizing Equivocation By Loss of Bitcoins , 2015, CCS.

[8]  Abhi Shelat,et al.  Micropayments for Decentralized Currencies , 2015, IACR Cryptol. ePrint Arch..

[9]  Elaine Shi,et al.  Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[10]  Feng Hao,et al.  Towards Bitcoin Payment Networks , 2016, ACISP.

[11]  Frank Piessens,et al.  Ariadne: A Minimal Approach to State Continuity , 2016, USENIX Security Symposium.

[12]  Stefan Dziembowski,et al.  PERUN: Virtual Payment Channels over Cryptographic Currencies , 2017, IACR Cryptol. ePrint Arch..

[13]  Ittay Eyal,et al.  Teechain: Scalable Blockchain Payments using Trusted Execution Environments , 2017, ArXiv.

[14]  Ignacio Cascudo,et al.  SCRAPE: Scalable Randomness Attested by Public Entities , 2017, IACR Cryptol. ePrint Arch..

[15]  Matthew Green,et al.  Decentralized Anonymous Micropayments , 2017, EUROCRYPT.

[16]  Srdjan Capkun,et al.  ROTE: Rollback Protection for Trusted Execution , 2017, USENIX Security Symposium.

[17]  Andrew Miller,et al.  Instantaneous Decentralized Poker , 2017, ASIACRYPT.

[18]  Rami Khalil,et al.  Revive: Rebalancing Off-Blockchain Payment Networks , 2017, IACR Cryptol. ePrint Arch..

[19]  Andrew Miller,et al.  Sprites: Payment Channels that Go Faster than Lightning , 2017, ArXiv.

[20]  Giulio Malavolta,et al.  Concurrency and Privacy with Payment-Channel Networks , 2017, IACR Cryptol. ePrint Arch..

[21]  Ethan Heilman,et al.  Atomically Trading with Roger: Gambling on the Success of a Hardfork , 2017, DPM/CBT@ESORICS.

[22]  Matthew Green,et al.  Bolt: Anonymous Payment Channels for Decentralized Currencies , 2017, CCS.

[23]  Conrad Burchert,et al.  Scalable funding of Bitcoin micropayment channel networks , 2017, Royal Society Open Science.

[24]  Stefan Dziembowski,et al.  Foundations of State Channel Networks , 2018, IACR Cryptol. ePrint Arch..