1. On the difficulty of hiding the balance of lightning network channels
- Author
-
Jordi Herrera-Joancomartí, Joaquin Garcia-Alfaro, Guillermo Navarro-Arribas, Alejandro Ranchal-Pedrosa, Cristina Pérez-Solà, Centre de recerca en ciberseguretat de Catalunya (CYBERCAT), Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR), Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Département Réseaux et Services de Télécommunications (RST), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Institut Polytechnique de Paris (IP Paris), Centre National de la Recherche Scientifique (CNRS), Department of Information and Communications Engineering (dEIC), Autonomous University of Barcelona, Dépt. Réseaux et Service de Télécom (Institut Mines-Télécom-Télécom SudParis), Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (Institut Mines-Télécom-Télécom SudParis-CNRS), and Department of Information and Communications Engineering (Autonomous University of Barcelona)
- Subjects
Off-chain payments channels ,Network security ,business.industry ,Lightning (connector) ,Computer science ,020206 networking & telecommunications ,02 engineering and technology ,Network Security ,Channel capacity ,[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR] ,Blockchain ,Transfer (computing) ,Path (graph theory) ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,Routing (electronic design automation) ,business ,Lightning network ,Bitcoin ,Computer network ,Communication channel - Abstract
International audience; The Lightning Network is a second layer technology running on top of Bitcoin and other Blockchains. It is composed of a peer-to-peer network, used to transfer raw information data. Some of the links in the peer-to-peer network are identified as payment channels, used to conduct payments between two Lightning Network clients (i.e., the two nodes of the channel). Payment channels are created with a fixed credit amount, the channel capacity. The channel capacity, together with the IP address of the nodes, is published to allow a routing algorithm to find an existing path between two nodes that do not have a direct payment channel. However, to preserve users' privacy, the precise balance of the pair of nodes of a given channel (i.e. the bandwidth of the channel in each direction), is kept secret. Since balances are not announced, second-layer nodes probe routes iteratively, until they find a successful route to the destination for the amount required, if any. This feature makes the routing discovery protocol less efficient but preserves the privacy of channel balances. In this paper, we present an attack to disclose the balance of a channel in the Lightning Network. Our attack is based on performing multiple payments ensuring that none of them is finalized, minimizing the economical cost of the attack. We present experimental results that validate our claims, and countermeasures to handle the attack.
- Published
- 2019
- Full Text
- View/download PDF