Abstract

PermissionlessblockchainsprotocolssuchasBitcoinareinherently limitedintransactionthroughputandlatency.Currenteffortsto address this key issue focus on off-chain payment channels that canbecombinedinaPayment-ChannelNetwork(PCN)toenable anunlimitednumberofpaymentswithoutrequiringtoaccessthe blockchainotherthantoregistertheinitialandfinalcapacityof eachchannel.Whilethisapproachpavesthewayforlowlatency andhighthroughputofpayments,itsdeploymentinpracticeraises severalprivacyconcernsaswellastechnicalchallengesrelatedto theinherentlyconcurrentnatureofpaymentsthathavenotbeen sufficientlystudiedsofar. In this work, we lay the foundations for privacy and concurrency in PCNs, presenting a formal definition in the Universal Composability framework as well as practical and provably securesolutions.Inparticular,wepresentFulgorandRayo.Fulgor isthefirstpaymentprotocolforPCNsthatprovidesprovableprivacyguaranteesforPCNsandisfullycompatiblewiththeBitcoin scriptingsystem.However,Fulgorisablockingprotocolandtherefore prone to deadlocks of concurrent payments as in currently available PCNs. Instead, Rayo is the first protocol for PCNs that enforcesnon-blocking progress (i.e.,atleastoneoftheconcurrent payments terminates). We show through a new impossibility result that non-blocking progress necessarily comes at the cost of weakerprivacy.AtthecoreofFulgorandRayoisMulti-HopHTLC, anewsmartcontract,compatiblewiththeBitcoinscriptingsystem, thatprovidesconditionalpaymentswhilereducingrunningtime andcommunicationoverheadwithrespecttopreviousapproaches …

Date

2017

Authors

Matteo Maffei, Aniket Kate, Giulio Malavolta, Pedro Moreno-Sanchez, Srivatsan Ravi

Conference

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

Publisher

ACM Digital Library