Hijacking Routes in Payment Channel Networks: A Predictability Tradeoff

Off-chain transaction networks can mitigate the scalability issues of today's trustless electronic cash systems such as Bitcoin. However, these peer-to-peer networks also introduce a new attack surface which is not well-understood today. This paper identifies and analyzes, a novel Denial-of-Service attack which is based on route hijacking, i.e., which exploits the way transactions are routed and executed along the created channels of the network. This attack is conceptually interesting as even a limited attacker that manipulates the topology through the creation of new channels can navigate tradeoffs related to the way it attacks the network. Furthermore, the attack also highlights a fundamental design tradeoff for the defender (who determines its own routes): to become less predictable and hence secure, a rational node has to pay higher fees to nodes that forward its payments. We find that the three most common implementations for payment channels in Bitcoin (lnd, C-lightning, Eclair) approach routing differently. We begin by surveying the current state of the Lightning network and explore the routes chosen by these implementations. We find that in the current network nearly 60\% of all routes pass through only five nodes, while 80\% go through only 10 nodes. Thus, a relatively small number of colluding nodes can deny service to a large fraction of the network. We then turn to study an external attacker who creates links to the network and draws more routes through its nodes by asking for lower fees. We find that just five new links are enough to draw the majority (65\% - 75\%) of the traffic regardless of the implementation being used. The cost of creating these links is very low. We discuss the differences between implementations and eventually derive our own suggested routing policy, which is based on a novel combination of existing approaches.

[1]  Laurent Vanbever,et al.  Hijacking Bitcoin: Large-scale Network Attacks on Cryptocurrencies , 2016, ArXiv.

[2]  Christian Decker,et al.  Have a snack, pay with Bitcoins , 2013, IEEE P2P 2013 Proceedings.

[3]  Rami Puzis,et al.  Routing betweenness centrality , 2010, JACM.

[4]  Giulio Malavolta,et al.  Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability , 2019, NDSS.

[5]  Pierluigi Crescenzi,et al.  Improving the Betweenness Centrality of a Node by Adding Links , 2017, ACM J. Exp. Algorithmics.

[6]  Emin Gün Sirer,et al.  Decentralization in Bitcoin and Ethereum Networks , 2018, Financial Cryptography.

[7]  The Lancet Psychiatry The most wonderful time of the year. , 2018, Lancet psychiatry.

[8]  Patrick D. McDaniel,et al.  An Analysis of Anonymity in Bitcoin Using P2P Network Traffic , 2014, Financial Cryptography.

[9]  Dharma P. Agrawal,et al.  Routing security in wireless ad hoc networks , 2002, IEEE Commun. Mag..

[10]  Peng Jiang,et al.  A Survey on the Security of Blockchain Systems , 2017, Future Gener. Comput. Syst..

[11]  Andrew Miller,et al.  Measuring Ethereum Network Peers , 2018, Internet Measurement Conference.

[12]  Wei Chen,et al.  Bounded Budget Betweenness Centrality Game for Strategic Network Formations , 2011, ESA.

[13]  Keith W. Ross,et al.  Exploiting P2P systems for DDoS attacks , 2006, InfoScale '06.

[14]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[15]  Ethan Heilman,et al.  Low-Resource Eclipse Attacks on Ethereum's Peer-to-Peer Network , 2020, IACR Cryptol. ePrint Arch..

[16]  Aviv Zohar,et al.  Accelerating Bitcoin's Transaction Processing. Fast Money Grows on Trees, Not Chains , 2013, IACR Cryptol. ePrint Arch..

[17]  Laurent Vanbever,et al.  Hijacking Bitcoin: Routing Attacks on Cryptocurrencies , 2016, 2017 IEEE Symposium on Security and Privacy (SP).

[18]  M. L. Fisher,et al.  An analysis of approximations for maximizing submodular set functions—I , 1978, Math. Program..

[19]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[20]  Meni Rosenfeld,et al.  Analysis of Hashrate-Based Double Spending , 2014, ArXiv.

[21]  Ravi Jain,et al.  An Experimental Study of the Skype Peer-to-Peer VoIP System , 2005, IPTPS.

[22]  Ghassan O. Karame,et al.  Ripple: Overview and Outlook , 2015, TRUST.

[23]  Florian Tschorsch,et al.  Discharged Payment Channels: Quantifying the Lightning Network's Resilience to Topology-Based Attacks , 2019, 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[24]  Christian Decker,et al.  A Fast and Scalable Payment Network with Bitcoin Duplex Micropayment Channels , 2015, SSS.