Bitcoin-Compatible Virtual Channels

Current permissionless cryptocurrencies such as Bitcoin suffer from a limited transaction rate and slow confirmation time, which hinders their large-scale adoption. Payment channels are one of the most promising solutions to address these problems, as they allow two end-points of the channel to perform arbitrarily many payments in a peer-to-peer fashion while uploading only two transactions on the blockchain. This concept has been generalized into payment-channel networks where a path of payment channels is used to settle the payment between two users that might not share a channel between them. However, this approach requires the active involvement of each user in the path, making the system less reliable (they might be offline), more expensive (they charge fees per payment) and slower (intermediaries need to be actively involved in the payment). To mitigate this issue, recent work has introduced the concept of virtual channels, which involve intermediaries only in the initial creation of a bridge between payer and payee, who can later on independently perform arbitrarily many off-chain transactions. Unfortunately, existing constructions are only available for Ethereum, as they rely on its account model and Turing-complete scripting language. The realization of virtual channels in other blockchain technologies with limited scripting capabilities, like Bitcoin, was considered so far an open challenge. In this work, we present the first virtual channel protocols that are built on the UTXO-model and require a script language supporting only a digital signature scheme and a timelock functionality, being thus backwards compatible with virtually every cryptocurrency, including Bitcoin. We formalize the security properties of virtual channels as an ideal functionality in the Universal Composability framework, and prove that our protocol constitutes a secure realization thereof.
We have prototyped and evaluated our protocol on the Bitcoin blockchain, demonstrating its efficiency: for n sequential payments, they require an off-chain exchange of 11 + 2 · (n − 1) transactions or a total of 4219 + 695 · (n − 1) bytes, with no on-chain footprint in the optimistic case.
