Security and Privacy for Payment-Channel Networks

Bitcoin sparked the blockchain ecosystem and has been followed by a plethora of blockchain approaches. Their growing expectations and usage is at odds with their scalability. Bitcoin today supports tens of transaction per second, a rate far from satisfactory to cater the current demand. Unfortunately, this is not an isolated symptom from Bitcoin but an epidemic problem with blockchain today. The most promising scalability solution today are payment channels: Two users leverage a single on-chain transaction to establish a shared deposit of coins. Subsequent payments are performed off-chain by agreeing on an updated deposits balance. Finally, only one additional on-chain transaction is required to close the deposit in the blockchain. Leveraging paths of payment channels, a payment-channel network allow any two users to pay each other. Unfortunately, current payment-channel networks at are their infancy and more work is required to bring them to minimum standards for mass adoption with proper security and privacy guarantees. In this state of affairs, the focus of this project is two-fold: (WP1) studying the theoretical possibilities and limits of payment-channel networks for mass adoption with sufficient security and privacy guarantees; (WP2) laying the foundations for payment-channel networks applications in order to release all their potential. WP1 is divided in three tasks: (a) set the foundations of security and privacy for payment channels. Simplified transaction formats augment the probability of success at providing security and privacy guarantees while reducing the amount of information to be stored at the blockchain. This is definitely a mandatory requirement given the current scalability issues; (b) set the foundations for offline users in payment-channel networks. Current approaches require that all users are always online, a requirement that clearly hinders their deployment in practice as users come and go as they please; (c) set the foundations of interoperable payment channels. Current isolated blockchains clearly restrict their potential. By providing interoperable protocols, we plan to release the whole potential of payment-channel networks. WP2 is also divided in three tasks: (a) build payment-channels secure against stronger adversaries such as quantum attackers; (b) build payment-channel networks over privacy-preserving cryptocurrencies such as Monero or Zcash, an open problem today that however would pave the way for better privacy guarantees; (c) build currency exchange protocols to support seamless exchanges of not only coins but any other good that can be represented in the blockchain, a main use case hindered today due to the isolation of different blockchains. Therefore, this project will provide the missing foundations and constructions to bring payment-channel networks into a solid state that can get mass adoption as scalability solution.

The high adoption of cryptocurrencies has led to severe scalability issues given that current cryptocurrencies cannot handle the growing number of transactions. In this state of affairs, payment-channel networks have been designed to mitigate this scalability problem providing a new payment method where the majority of the transactions are executed in a peer-to-peer manner and only a few of them are still processed by the underlying cryptocurrency, thereby massively reducing its load. Unfortunately, current proposals of a payment-channel network from both academia and industry, fall short of crucial properties such as security, privacy, or interoperability. This project tackles the aforementioned issues with a methodology based on two main pillars. First, lay the foundations of payment-channel networks through a formal model that covers the notions of interest such as security even in the presence of quantum computers, privacy as well as interoperability. Second, design different applications for payment-channel networks other than a simple exchange of coins between the users and formally evaluate them to show that they provide provable guarantees for the notions of security, privacy, and interoperability. The execution of this project has led to excellent results with high impact not only in academia but also in industry. First, we have created a systematization of the knowledge available in the literature and in industry about the topic of this project. This systematization of knowledge has served not only as of the building stone of this project but also many others as demonstrated by the more than 125 citations (according to Google Scholar) that this systematization of knowledge has received so far. Second, we have formalized the notion of adaptor signatures, a cryptographic tool that extends standard digital signatures to embed a cryptographic condition in the signing process. This basic cryptographic tool has become the de-facto building tool for secure, privacy and, perhaps more importantly, cross-cryptocurrency applications as demonstrated by the handful of payment systems created unrelated to this project and that build upon the notion of adaptor signatures. Third, we have developed A2L, a protocol that allows gateways (i.e., online exchange services in cryptocurrencies) to provide the currency exchange service while having for the first time formal security and privacy guarantees as well as supporting virtually any cryptocurrency available today. This breakthrough result has attracted the attention of industry and CoBloX Labs, one of the leading blockchain companies in the field of cross-currency payments, has prototyped and tested it within their blockchain technology. Last, but not least, we have designed a payment-channel network protocol for the Monero cryptocurrency, a missing piece in the blockchain community before our work. We shared our results with the Monero Research Labs and our proposal is currently under those being considered to be adopted.