Security and Privacy of Lightning Network Payments with Uncertain Channel Balances

The Lightning Network (LN) is a prominent payment channel network aimed at addressing Bitcoin’s scalability issues. Due to the privacy of channel balances, senders cannot reliably choose sufficiently liquid payment paths and resort to a trial-and-error approach, trying multiple paths until one succeeds. This leaks private information and decreases payment reliability, which harms the user experience. This work focuses on the reliability and privacy of LN payments. We create a probabilistic model of the payment process in the LN, accounting for the uncertainty of the channel balances. This enables us to express payment success probabilities for a given payment amount and a path. Applying negative Bernoulli trials for singleand multi-part payments allows us to compute the expected number of payment attempts for a given amount, sender, and receiver. As a consequence, we analytically derive the optimal number of parts into which one should split a payment to minimize the expected number of attempts. This methodology allows us to define service level objectives and quantify how much private information leaks to the sender as a side effect of payment attempts. We propose an optimized path selection algorithm that does not require a protocol upgrade. Namely, we suggest that nodes prioritize paths that are most likely to succeed while making payment attempts. A simulation based on the real-world LN topology shows that this method reduces the average number of payment attempts by 20% compared to a baseline algorithm similar to the ones used in practice. This improvement will increase to 48% if the LN protocol is upgraded to implement the channel rebalancing proposal described in BOLT14. ∗rene.m.pickhardt@ntnu.no 1https://github.com/lightningnetwork/lightning-rfc/ pull/780.

[1]  Stefan Schmid,et al.  Hijacking Routes in Payment Channel Networks: A Predictability Tradeoff , 2019, ArXiv.

[2]  Ralph Holz,et al.  An empirical study of availability and reliability properties of the Bitcoin Lightning Network , 2020, ArXiv.

[3]  David Tse,et al.  Boomerang: Redundancy Improves Latency and Throughput in Payment Networks , 2019, ArXiv.

[4]  Florian Tschorsch,et al.  Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks , 2020, AFT.

[5]  Rabiah Abdul Kadir,et al.  Improvements of the Balance Discovery Attack on Lightning Network Payment Channels , 2020, IACR Cryptol. ePrint Arch..

[6]  Giulia Fanti,et al.  Privacy-Utility Tradeoffs in Routing Cryptocurrency over Payment Channel Networks , 2020, SIGMETRICS.

[7]  Giulio Malavolta,et al.  Concurrency and Privacy with Payment-Channel Networks , 2017, IACR Cryptol. ePrint Arch..

[8]  Giulio Malavolta,et al.  SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks , 2017, NDSS.

[9]  Alex Biryukov,et al.  Probing Channel Balances in the Lightning Network , 2020, ArXiv.

[10]  Stefan Schmid,et al.  Toward Active and Passive Confidentiality Attacks On Cryptocurrency Off-Chain Networks , 2020, ICISSP.

[11]  Sewoong Oh,et al.  Privacy-Utility Tradeoffs in Routing Cryptocurrency over Payment Channel Networks , 2020, Proc. ACM Meas. Anal. Comput. Syst..

[12]  Aviv Zohar,et al.  Congestion Attacks in Payment Channel Networks , 2020, Financial Cryptography.

[13]  Joaquín García,et al.  On the Difficulty of Hiding the Balance of Lightning Network Channels , 2019, IACR Cryptol. ePrint Arch..

[14]  Aviv Zohar,et al.  Flood & Loot: A Systemic Attack on The Lightning Network , 2020, AFT.

[15]  Rene Pickhardt,et al.  Imbalance measure and proactive channel rebalancing algorithm for the Lightning Network , 2019, 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[16]  Ramesh Govindan,et al.  Liquidity in credit networks: a little trust goes a long way , 2011, EC '11.

[17]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[18]  Pavel Prihodko,et al.  Flare : An Approach to Routing in Lightning Network White Paper , 2016 .

[19]  Mariusz Nowostawski,et al.  Split Payments in Payment Networks , 2018, DPM/CBT@ESORICS.

[20]  John G. Proakis,et al.  Probability, random variables and stochastic processes , 1985, IEEE Trans. Acoust. Speech Signal Process..

[21]  Pedro Moreno-Sanchez,et al.  A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network , 2020, 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[22]  Andrew Miller,et al.  An Empirical Analysis of Privacy in the Lightning Network , 2021, Financial Cryptography.

[23]  Mariusz Nowostawski,et al.  Evaluating Methods for the Identification of Off-Chain Transactions in the Lightning Network , 2019, Applied Sciences.

[24]  Ian Goldberg,et al.  Settling Payments Fast and Private: Efficient Decentralized Routing for Path-Based Transactions , 2017, NDSS.

[25]  Joaquín García,et al.  LockDown: Balance Availability Attack against Lightning Network Channels , 2020, IACR Cryptol. ePrint Arch..

[26]  Pramod Viswanath,et al.  Routing Cryptocurrency with the Spider Network , 2018, HotNets.

[27]  Ferenc Beres,et al.  A Cryptoeconomic Traffic Analysis of Bitcoins Lightning Network , 2019, ArXiv.