Concurrency and Privacy with Payment-Channel Networks (1911.09148v1)

Abstract: Permissionless blockchains protocols such as Bitcoin are inherently limited in transaction throughput and latency. Current efforts to address this key issue focus on off-chain payment channels that can be combined in a Payment-Channel Network (PCN) to enable an unlimited number of payments without requiring to access the blockchain other than to register the initial and final capacity of each channel. While this approach paves the way for low latency and high throughput of payments, its deployment in practice raises several privacy concerns as well as technical challenges related to the inherently concurrent nature of payments, such as race conditions and deadlocks, that have been understudied so far. In this work, we lay the foundations for privacy and concurrency in PCNs, presenting a formal definition in the Universal Composability framework as well as practical and provably secure solutions. In particular, we present Fulgor and Rayo. Fulgor is the first payment protocol for PCNs that provides provable privacy guarantees for PCNs and is fully compatible with the Bitcoin scripting system. However, Fulgor is a blocking protocol and therefore prone to deadlocks of concurrent payments as in currently available PCNs. Instead, Rayo is the first protocol for PCNs that enforces non-blocking progress (i.e., at least one of the concurrent payments terminates). We show through a new impossibility result that non-blocking progress necessarily comes at the cost of weaker privacy. At the core of Fulgor and Rayo is Multi-Hop HTLC, a new smart contract, compatible with the Bitcoin scripting system, that provides conditional payments while reducing running time and communication overhead with respect to previous approaches.

• The paper introduces Fulgor and Rayo, two novel protocols for enhancing privacy and concurrency in Payment-Channel Networks like Bitcoin's Lightning Network.
• The Fulgor protocol improves privacy by using multi-hop Hash Time-Lock Contracts and zero-knowledge proofs to obscure transaction details from intermediaries.
• The Rayo protocol offers a non-blocking approach for concurrent payments, highlighting a critical trade-off where improving concurrency may reduce transaction privacy.

Privacy and Concurrency in Payment-Channel Networks

The research conducted by Malavolta et al. presents a significant contribution to the field of Payment-Channel Networks (PCNs), focusing on two primary aspects: privacy and concurrency. The authors introduce two protocols, Fulgor and Rayo, within a formal framework to manage the inherent limitations and privacy concerns of Bitcoin payment channels.

Overview of PCNs and Challenges

PCNs, like the Bitcoin Lightning Network, provide a scalable solution to the blockchain's transaction throughput and latency constraints. These networks allow for off-chain transactions, thus alleviating the load on the primary blockchain. However, they introduce challenges in privacy and concurrency. Current PCNs, while promising, raise concerns regarding transaction anonymity and the potential for deadlock in concurrent payments.

Contributions: Fulgor and Rayo Protocols

Privacy: Fulgor Protocol

Fulgor offers a systematic approach to enhancing privacy within PCNs. It aims to provide robust privacy guarantees, ensuring that transaction details remain obscured from intermediaries within the path. The protocol utilizes a variant of the Hash Time-Lock Contract (HTLC) to maintain the privacy of transactions.

• Multi-Hop HTLC: This innovative contract allows sequential payments to occur across multiple hops without revealing the transaction's original sender or total path. Each node in the network only knows its immediate predecessor and successor, thereby increasing privacy.
• Zero-Knowledge Proofs: Fulgor employs non-interactive zero-knowledge proofs to ensure the correctness of these multi-hop contracts without exposing underlying transactional information.

Concurrency: Rayo Protocol

Whereas Fulgor adopts a blocking strategy that may lead to deadlocks, Rayo seeks to address concurrency by introducing a non-blocking alternative.

• Non-Blocking Progress: Rayo enforces at least one successful transaction in a set of concurrent operations, overcoming potential deadlocks but at the cost of reduced relationship anonymity.
• Concurrency vs. Privacy Trade-Off: The deployment of Rayo highlights a critical trade-off in PCN design—any effort to improve concurrency inherently weakens the privacy guarantees, as a shared identifier must be visible across nodes in the transaction path.

Performance and Practical Implications

The authors provide a performance assessment demonstrating that a payment containing up to 10 intermediate users can be processed in approximately 5 seconds, with communication overheads limited to around 17 MB. This evaluation underscores the practicality of Fulgor and Rayo in real-world applications, suggesting that these protocols can handle the demands of a growing user base.

The paper's exploration into privacy and concurrency within PCNs provides a comprehensive framework for future developments in decentralized payment systems. By offering robust privacy guarantees with Fulgor and refining concurrent payment processing through Rayo, this work sets a foundational precedent for deploying scalable and secure PCNs.

Future Directions and Implications

The paper reveals potential avenues for ongoing research, including further optimization of privacy without sacrificing concurrency and the adaptation of these protocols to alternative blockchain environments such as Ethereum. The findings serve as a foundational step towards improving the underlying mechanisms that support secure, private, and efficient digital currencies and payment systems in blockchain technology.