The Lightning Network is the most widely used payment channel network (PCN) to date, making it an attractive attack surface for adversaries. In this paper, we analyze the Lightning Network's PCN topology and investigate its resilience towards random failures and targeted attacks. In particular, we introduce the notions of channel exhaustion and node isolation attacks and show that the Lightning Network is susceptible to these attacks. In a preliminary analysis, we confirm that the Lightning Network can be classified as a small-world and scalefree network. Based on these findings, we develop a series of strategies for targeted attacks and introduce metrics that allow us to quantify the adversary's advantage. Our results indicate that an attacker who is able to remove a certain number of nodes should follow a centrality-based strategy, while a resource-limited attacker who aims for high efficiency should employ a highest ranked minimum cut strategy.• We study the current state of the Lightning Network's PCN topology and assess its resilience to random failures and targeted attacks. • We systematize topology-based attacks against PCNs. • We introduce channel exhaustion and node isolation attacks as additional attack vectors. • We develop various adversarial strategies and quantify their prospects in terms of the adversarial success.
Zcash is a privacy-preserving cryptocurrency that provides anonymous monetary transactions. While Zcash's anonymity is part of a rigorous scientific discussion, information on the underlying peer-to-peer network are missing. In this paper, we provide the first long-term measurement study of the Zcash network to capture key metrics such as the network size and node distribution as well as deeper insights on the centralization of the network. Furthermore, we present an inference method based on a timing analysis of block arrivals that we use to determine interconnections of nodes. We evaluate and verify our method through simulations and real-world experiments, yielding a precision of 50 % with a recall of 82 % in the real-world scenario. By adjusting the parameters, the topology inference model is adaptable to the conditions found in other cryptocurrencies and therefore also contributes to the broader discussion of topology hiding in general.
The Lightning Network is a scaling solution for Bitcoin that promises to enable rapid and private payment processing. In Lightning, multihop payments are secured by utilizing Hashed Time-Locked Contracts (HTLCs) and encrypted on the network layer by an onion routing scheme to avoid information leakage to intermediate nodes. In this work, we however show that the privacy guarantees of the Lightning Network may be subverted by an on-path adversary conducting timing attacks on the HTLC state negotiation messages. To this end, we provide estimators that enable an adversary to reduce the anonymity set and infer the likeliest payment endpoints. We developed a proof-of-concept measurement node that shows the feasibility of attaining time differences and evaluate the adversarial success in model-based network simulations. We find that controlling a small number of malicious nodes is sufficient to observe a large share of all payments, emphasizing the relevance of the on-path adversary model. Moreover, we show that adversaries of different magnitudes could employ timing-based attacks to deanonymize payment endpoints with high precision and recall. CCS CONCEPTS • Security and privacy → Distributed systems security; • Networks → Network privacy and anonymity.
Payment channel networks use off-chain transactions to provide virtually arbitrary transaction rates. In this paper, we provide a new perspective on payment channels and consider them as a flow network. We propose an extended push-relabel algorithm to find payment flows in a payment channel network. Our algorithm enables a distributed and concurrent execution without violating capacity constraints. To this end, we introduce the concept of capacity locking. We prove that flows are valid and present first results.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.