Payout Races and Congested Channels: A Formal Analysis of Security in the Lightning Network
Authors: 
Ben Weintraub, Satwik Prabhu Kumble, Cristina Nita-Rotaru, Stefanie RoosAuthors Info & Claims
Pages 2562 - 2576
Abstract
The Lightning Network, a payment channel network with a market cap of over 192M USD, is designed to resolve Bitcoin's scalability issues through fast off-chain transactions. There are multiple Lightning Network client implementations, all of which conform to the same textual specifications known as BOLTs. Several vulnerabilities have been manually discovered, but to-date there have been few works systematically analyzing the security of the Lightning Network.
In this work, we take a foundational approach to analyzing the security of the Lightning Network with the help of formal methods. Based on the BOLTs' specifications, we build a detailed formal model of the Lightning Network's single-hop payment protocol and verify it using the Spin model checker. Our model captures both concurrency and error semantics of the payment protocol. We then define several security properties which capture the correct intermediate operation of the protocol, ensuring that the outcome is always certain to both channel peers, and using them we re-discover a known attack previously reported in the literature along with a novel attack, referred to as a Payout Race. A Payout Race consists of a particular sequence of events that can lead to an ambiguity in the protocol in which innocent users can unwittingly lose funds. We confirm the practicality of this attack by reproducing it in a local testbed environment.
References
[1]
URL https://github.com/ElementsProject/lightning.
[2]
URL https://github.com/ACINQ/eclair.
[3]
Connector risk mitigations | interledger. URL https://interledger.org/rfcs/0018-connector-risk-mitigations/draft-3.html.
[4]
Bolt #2: Peer protocol, May 2023. URL https://github.com/lightning/bolts/blob/ b38156b9510c0562cf50f8758a64602cc0315c19/02-peer-protocol.md. [Online; accessed 20. May. 2023].
[5]
Bolt #8: Encrypted and authenticated transport, May 2023. URL https://github.com/lightning/bolts/blob/master/08-transport.md#lightningmessage- specification. [Online; accessed 20. May. 2023].
[6]
Sep 2023. URL https://github.com/coq/coq.
[7]
Mouhamad Almakhour, Layth Sliman, Abed Ellatif Samhat, and Abdelhamid Mellouk. A formal verification approach for composite smart contracts security using fsm. Journal of King Saud University - Computer and Information Sciences, 35 :70--86, 2023. ISSN 1319--1578. URL https://www.sciencedirect.com/science/article/pii/S1319157822003111.
[8]
Sidney Amani, Myriam Bégel, Maksym Bortin, and Mark Staples. Towards verifying ethereum smart contract bytecode in isabelle/hol. CPP 2018, page 66--77, New York, NY, USA, 2018. Association for Computing Machinery. ISBN 9781450355865. URL https://doi.org/10.1145/3167084.
[9]
Gavin Andresen and Mike Hearn. Bip 70: Payment protocol, Jul 2013. URL https://bips.dev/70/.
[10]
Danil Annenkov, Jakob Botsch Nielsen, and Bas Spitters. Concert: A smart contract certification framework in coq. In Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and Proofs, CPP 2020, page 215--228, New York, NY, USA, 2020. Association for Computing Machinery. ISBN 9781450370974. URL https://doi.org/10.1145/ 3372885.3373829.
[11]
Kenichi Arai and Toshinobu Kaneko. Formal verification of improved numeric comparison protocol for secure simple paring in bluetooth using proverif. In Proceedings of the International Conference on Security and Management (SAM), page 1. The Steering Committee of The World Congress in Computer Science, 2014.
[12]
Lukas Aumayr, Pedro Moreno-Sanchez, Aniket Kate, and Matteo Maffei. Blitz: Secure multi-hop payments without two-phase commits. In USENIX Security Symposium, pages 4043--4060. USENIX Association, 2021.
[13]
Lukas Aumayr, Kasra Abbaszadeh, and Matteo Maffei. Thora: Atomic and privacypreserving multi-channel updates. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, page 165--178, Los Angeles CA USA, Nov 2022. ACM. ISBN 978--1--4503--9450--5. URL https://dl.acm.org/doi/10.1145/3548606.3560556.
[14]
Xiaomin Bai, Zijing Cheng, Zhangbo Duan, and Kai Hu. Formal modeling and verification of smart contracts. ICSCA 2018, page 322--326, New York, NY, USA, 2018. Association for Computing Machinery. ISBN 9781450354141. URL https://doi.org/10.1145/3185089.3185138.
[15]
David Basin, Jannik Dreier, Lucca Hirschi, Sa'a Radomirovic, Ralf Sasse, and Vincent Stettler. A formal analysis of 5g authentication. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pages 1383--1396, 2018.
[16]
Karthikeyan Bhargavan, Bruno Blanchet, and Nadim Kobeissi. Verified models and reference implementations for the tls 1.3 standard candidate. In 2017 IEEE Symposium on Security and Privacy (SP), pages 483--502. IEEE, 2017.
[17]
Alex Biryukov, Gleb Naumenko, and Sergei Tikhomirov. Analysis and probing of parallel channels in the lightning network. Cryptology ePrint Archive, Paper 2021/384, 2021. URL https://eprint.iacr.org/2021/384. https://eprint.iacr.org/2021/ 384.
[18]
Steve Bishop, Matthew Fairbairn, Hannes Mehnert, Michael Norrish, Tom Ridge, Peter Sewell, Michael Smith, and Keith Wansbrough. Engineering with logic: Rigorous test-oracle specification and validation for tcp/ip and the sockets api. Journal of the ACM, 66(1):1--77, Feb 2019. ISSN 0004--5411, 1557--735X.
[19]
Bruno Blanchet et al. Modeling and verifying security protocols with the applied pi calculus and proverif. Foundations and Trends® in Privacy and Security, 1(1--2): 1--135, 2016.
[20]
BOLT: Basis of Lightning Technology (Lightning Network Specifications). Bolt: Basis of lightning technology (lightning network specifications), May 2023. URL https://github.com/lightning/bolts.
[21]
Lea Salome Brugger. Automating proofs of game-theoretic security properties of off-chain protocols. MS Thesis, 2022.
[22]
Jonas Bushart and Christian Rossow. Resolfuzz: Differential fuzzing of dns resolvers.
[23]
Ran Canetti, Yevgeniy Dodis, Rafael Pass, and Shabsi Walfish. Universally composable security with global setup. In Theory of Cryptography: 4th Theory of Cryptography Conference, TCC 2007, Amsterdam, The Netherlands, February 21--24, 2007. Proceedings 4, pages 61--85. Springer, 2007.
[24]
Richard Chang and Vitaly Shmatikov. Formal analysis of authentication in bluetooth device pairing. Fcs-arspa07, 45, 2007.
[25]
Tyler Crain, Christopher Natoli, and Vincent Gramoli. Red belly: A secure, fair and scalable open blockchain. In 2021 IEEE Symposium on Security and Privacy (SP), pages 466--483. IEEE, 2021.
[26]
Cas Cremers and Dennis Jackson. Prime, order please! revisiting small subgroup and invalid curve attacks on protocols using diffie-hellman. In 2019 IEEE 32nd Computer Security Foundations Symposium (CSF), pages 78--7815. IEEE, 2019.
[27]
Cas Cremers, Marko Horvat, Jonathan Hoyland, Sam Scott, and Thyla van der Merwe. A comprehensive symbolic analysis of tls 1.3. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 1773--1788, 2017.
[28]
Cas Cremers, Jaiden Fairoze, Benjamin Kiesl, and Aurora Naska. Clone detection in secure messaging: improving post-compromise security in practice. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pages 1481--1495, 2020.
[29]
Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels. Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. In 2020 IEEE Symposium on Security and Privacy (SP), page 910--927, May 2020. SP40000.2020.00040.
[30]
Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Jonathan Protzenko, Aseem Rastogi, Nikhil Swamy, Santiago Zanella-Béguelin, Karthikeyan Bhargavan, Jianyang Pan, and Jean Karim Zinzindohoue. Implementing and proving the tls 1.3 record layer. In 2017 IEEE Symposium on Security and Privacy (SP), pages 463--482. IEEE, 2017.
[31]
D. Dolev and A. Yao. On the security of public key protocols. 29:198--208, Mar 1983. ISSN 1557--9654.
[32]
Thaddeus Dryja. Unlinkable outsourced channel monitoring. Talk transcript) https://diyhpl. us/wiki/transcripts/scalingbitcoin/milan/unlinkableoutsourced- channel-monitoring, 2016.
[33]
Stefan Dziembowski, Sebastian Faust, and Kristina Hostáková. General state channel networks. In ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 949--966, 2018.
[34]
Christoph Egger, Pedro Moreno-Sanchez, and Matteo Maffei. Atomic multichannel updates with constant collateral in bitcoin-compatible payment-channel networks. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS '19, page 801--815, New York, NY, USA, Nov 2019. Association for Computing Machinery. ISBN 978--1--4503--6747--9. URL https://dl.acm.org/doi/10.1145/3319535.3345666.
[35]
Guillaume Girol, Lucca Hirschi, Ralf Sasse, Dennis Jackson, Cas Cremers, and David Basin. A spectral analysis of noise: A comprehensive, automated, formal analysis of {Diffie-Hellman} protocols. In 29th USENIX Security Symposium (USENIX Security 20), pages 1857--1874, 2020.
[36]
Ilya Grishchenko, Matteo Maffei, and Clara Schneidewind. Ethertrust: Sound static analysis of ethereum bytecode. Technische Universität Wien, Tech. Rep, pages 1--41, 2018.
[37]
Matthias Grundmann. Verifying Payment Channels with TLA. 2021. URL https://www.youtube.com/watch?v=wecVT_4QDcU.
[38]
Matthias Grundmann and Hannes Hartenstein. Towards a formal verification of the lightning network with tla. (arXiv:2307.02342), July 2023. URL http: //arxiv.org/abs/2307.02342. arXiv:2307.02342 [cs].
[39]
Lewis Gudgeon, Pedro Moreno-Sanchez, Stefanie Roos, Patrick McCorry, and Arthur Gervais. Sok: Layer-two blockchain protocols. In Joseph Bonneau and Nadia Heninger, editors, Financial Cryptography and Data Security, volume 12059 of Lecture Notes in Computer Science, page 201--226. Springer International Publishing, 2020. ISBN 978--3-030--51279--8. URL http://link.springer.com/10.1007/978--3-030--51280--4_12.
[40]
Jona Harris and Aviv Zohar. Flood & loot: A systemic attack on the lightning network. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, pages 202--213, 2020.
[41]
Jordi Herrera-Joancomartí, Guillermo Navarro-Arribas, Alejandro Ranchal- Pedrosa, Cristina Pérez-Solà, and Joaquin Garcia-Alfaro. On the difficulty of hiding the balance of lightning network channels. In ACM Asia Conference on Computer and Communications Security (AsiaCSS), pages 602--612, 2019.
[42]
Gerard J. Holzmann. The model checker spin. IEEE Transactions on software engineering, 23(5):279--295, 1997.
[43]
Daniel Jackson. Software Abstractions: logic, language, and analysis. MIT press, 2012.
[44]
Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, and Cristina Nita- Rotaru. Automated attack discovery in tcp congestion control using a modelguided approach. In Proceedings of the Applied Networking Research Workshop, page 95--95, Montreal QC Canada, Jul 2018. ACM. ISBN 978--1--4503--5585--8. URL https://dl.acm.org/doi/10.1145/3232755.3232769.
[45]
Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, and Cristina Nita- Rotaru. Automated attack discovery in tcp congestion control using a modelguided approach. In Proceedings of the Applied Networking Research Workshop, page 95--95, Montreal QC Canada, Jul 2018. ACM. ISBN 978--1--4503--5585--8. URL https://dl.acm.org/doi/10.1145/3232755.3232769.
[46]
Bo Jiang, Ye Liu, and W. K. Chan. Contractfuzzer: Fuzzing smart contracts for vulnerability detection. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, ASE '18, page 259--269, New York, NY, USA, 2018. Association for Computing Machinery. ISBN 9781450359375. URL https://doi.org/10.1145/3238147.3238177.
[47]
George Kappos, Haaroon Yousaf, Ania Piotrowska, Sanket Kanjalkar, Sergi Delgado-Segura, Andrew Miller, and Sarah Meiklejohn. An empirical analysis of privacy in the lightning network. Financial Cryptography and Data Security, 2021.
[48]
Matt Kaufmann and J. Strother Moore. Acl2 version 8.5, 2022. URL https: //www.cs.utexas.edu/users/moore/acl2/.
[49]
Aggelos Kiayias and Orfeas Stefanos Thyfronitis Litos. A composable security treatment of the lightning network. In 2020 IEEE 33rd Computer Security Foundations Symposium (CSF), page 334--349, Jun 2020.
[50]
Nadim Kobeissi, Karthikeyan Bhargavan, and Bruno Blanchet. Automated verification for secure messaging protocols and their implementations: A symbolic and computational approach. In 2017 IEEE European symposium on security and privacy (EuroS&P), pages 435--450. IEEE, 2017.
[51]
Nadim Kobeissi, Georgio Nicolas, and Karthikeyan Bhargavan. Noise explorer: Fully automated modeling and verification for arbitrary noise protocols. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pages 356--370. IEEE, 2019.
[52]
Ankit Kumar, Max von Hippel, Panaiotis Manolios, and Cristina Nita-Rotaru. Formal model-driven analysis of resilience of gossipsub to attacks from misbehaving peers. In 2024 IEEE Symposium on Security and Privacy (SP), pages 17--17, Los Alamitos, CA, USA, may 2024. IEEE Computer Society. 00017. URL https://doi.ieeecomputersociety.org/10.1109/SP54263.2024.00017.
[53]
Piyush Kumar Sharma, Devashish Gosain, and Claudia Diaz. On the anonymity of peer-to-peer network anonymity schemes used by cryptocurrencies. In Network and Distributed System Security Symposium (NDSS). Internet Society, 2023.
[54]
Satwik Prabhu Kumble, Dick Epema, and Stefanie Roos. How lightning's routing diminishes its anonymity. In International Conference on Availability, Reliability and Security (ARES), pages 1--10, 2021.
[55]
lightningnetwork/lnd: Lightning Network Daemon. lightningnetwork/lnd: Lightning network daemon. URL https://github.com/lightningnetwork/lnd.
[56]
Chao Liu, Han Liu, Zhao Cao, Zhong Chen, Bangdao Chen, and Bill Roscoe. Reguard: Finding reentrancy bugs in smart contracts. In Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings, ICSE '18, page 65--68, New York, NY, USA, 2018. Association for Computing Machinery. ISBN 9781450356633. URL https: //doi.org/10.1145/3183440.3183495.
[57]
Gavin Lowe. An attack on the needham-schroeder public-key authentication protocol. Information processing letters, 56(3), 1995.
[58]
Gavin Lowe. Breaking and fixing the needham-schroeder public-key protocol using fdr. In International Workshop on Tools and Algorithms for the Construction and Analysis of Systems, pages 147--166. Springer, 1996.
[59]
Paolo Maggi and Riccardo Sisto. Using spin to verify security properties of cryptographic protocols. In International SPIN Workshop on Model Checking of Software, pages 187--204. Springer, 2002.
[60]
Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, and Srivatsan Ravi. Concurrency and privacy with payment-channel networks. In CCS, pages 455--471. ACM, 2017.
[61]
Giulio Malavolta, Pedro Moreno-Sanchez, Clara Schneidewind, Aniket Kate, and Matteo Maffei. Anonymous multi-hop locks for blockchain scalability and interoperability. In Proceedings 2019 Network and Distributed System Security Symposium, San Diego, CA, 2019. Internet Society. ISBN 978--1--891562--55--6. URL https://www.ndss-symposium.org/wp-content/ uploads/2019/02/ndss2019_09--4_Malavolta_paper.pdf.
[62]
Anastasia Mavridou, Aron Laszka, Emmanouela Stachtiari, and Abhishek Dubey. Verisolid: Correct-by-design smart contracts for ethereum. In Ian Goldberg and Tyler Moore, editors, Financial Cryptography and Data Security, pages 446--465, Cham, 2019. Springer International Publishing.
[63]
Patrick McCorry, Surya Bakshi, Iddo Bentov, Sarah Meiklejohn, and Andrew Miller. Pisa: Arbitration outsourcing for state channels. In Proceedings of the 1st ACM Conference on Advances in Financial Technologies, page 16--30, Zurich Switzerland, Oct 2019. ACM. ISBN 978--1--4503--6732--5. 3355461. URL https://dl.acm.org/doi/10.1145/3318041.3355461.
[64]
Simon Meier, Benedikt Schmidt, Cas Cremers, and David Basin. The tamarin prover for the symbolic analysis of security protocols. In Computer Aided Verification: 25th International Conference, CAV 2013, Saint Petersburg, Russia, July 13--19, 2013. Proceedings 25, pages 696--701. Springer, 2013.
[65]
Andrew Miller, Iddo Bentov, Surya Bakshi, Ranjit Kumaresan, Patrick Mc- Corry, Ranjit Kumaresan, and Patrick McCorry. Sprites and State Channels: Payment Networks that Go Faster Than Lightning, volume 11598 of Lecture Notes in Computer Science, page 508--526. Springer International Publishing, Cham, 2019. ISBN 978--3-030--32100-0. URL http://link.springer.com/10.1007/978--3-030--32101--7_30.
[66]
Ayelet Mizrahi and Aviv Zohar. Congestion Attacks in Payment Channel Networks, volume 12675 of Lecture Notes in Computer Science, page 170--188. Springer Berlin Heidelberg, Berlin, Heidelberg, 2021. ISBN 978--3--662--64330--3. URL https://link.springer.com/10.1007/978--3--662--64331-0_9.
[67]
Paolo Modesti, Siamak F. Shahandashti, Patrick McCorry, and Feng Hao. Formal modelling and security analysis of bitcoin's payment protocol. Computers & Security, 107:102279, Aug 2021. ISSN 01674048. arXiv: 2103.08436.
[68]
Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. Decentralized business review, 2008.
[69]
Wonhong Nam and Hyunyoung Kil. Formal verification of blockchain smart contracts via atl model checking. IEEE Access, 10:8151--8162, 2022. ACCESS.2022.3143145.
[70]
Zeinab Nehaï, Pierre-Yves Piriou, and Frédéric Daumas. Model-checking of smart contracts. In 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pages 980--987, 2018.
[71]
Trung Nguyen and Jean Leneutre. Formal analysis of secure device pairing protocols. In 2014 IEEE 13th International Symposium on Network Computing and Applications, pages 291--295. IEEE, 2014.
[72]
Utz Nisslmueller, Klaus-Tycho Foerster, Stefan Schmid, and Christian Decker. Toward active and passive confidentiality attacks on cryptocurrency off-chain networks, 2020.
[73]
Thomas Osterland and Thomas Rose. Model checking smart contracts for ethereum. Pervasive and Mobile Computing, 63:101129, 2020. ISSN 1574--1192. URL https://www.sciencedirect.com/ science/article/pii/S1574119220300171.
[74]
Cristina Pérez-Sola, Alejandro Ranchal-Pedrosa, Jordi Herrera-Joancomartí, Guillermo Navarro-Arribas, and Joaquin Garcia-Alfaro. Lockdown: Balance availability attack against lightning network channels. In International Conference on Financial Cryptography and Data Security, pages 245--263. Springer, 2020.
[75]
Raphael C-W Phan and Patrick Mingard. Analyzing the secure simple pairing in bluetooth v4.0. Wireless Personal Communications, 64:719--737, 2012.
[76]
Joseph Poon and Thaddeus Dryja. The bitcoin lightning network: Scalable offchain instant payments, 2016.
[77]
S. Rain, G. Avarikioti, L. Kovács, and M. Maffei. Towards a game-theoretic security analysis of off-chain protocols. In 2023 2023 IEEE 36th Computer Security Foundations Symposium (CSF) (CSF), pages 31--46, Los Alamitos, CA, USA, Jul 2023. IEEE Computer Society. URL https: //doi.ieeecomputersociety.org/10.1109/CSF57540.2023.00003.
[78]
Pete Rizzo. Making sense of bitcoin's divisive block size debate, Jan 2016. URL https://www.coindesk.com/markets/2016/01/19/making-sense-of-bitcoinsdivisive- block-size-debate/.
[79]
Elias Rohrer and Florian Tschorsch. Counting down thunder: Timing attacks on privacy in payment channel networks. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, AFT '20, page 214--227, New York, NY, USA, 2020. Association for Computing Machinery. ISBN 9781450381390. URL https://doi.org/10.1145/3419614.3423262.
[80]
Elias Rohrer, Julian Malliaris, and Florian Tschorsch. Discharged payment channels: Quantifying the lightning network's resilience to topology-based attacks. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), page 347--356, Stockholm, Sweden, Jun 2019. IEEE. ISBN 978--1--72813-026--2. URL https://ieeexplore.ieee.org/document/ 8802506/.
[81]
Tianyu Sun andWensheng Yu. Aformal verification framework for security issues of blockchain smart contracts. Electronics, 9(2):255, Feb 2020. ISSN 2079--9292. URL http://dx.doi.org/10.3390/electronics9020255.
[82]
Pierre Tholoniat and Vincent Gramoli. Formal verification of blockchain byzantine fault tolerance. In Handbook on Blockchain, pages 389--412. Springer, 2022.
[83]
Sergei Tikhomirov, Pedro Moreno-Sanchez, and Matteo Maffei. A quantitative analysis of security, anonymity and scalability for the lightning network. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 387--396, 2020.
[84]
Christof Ferreira Torres, Antonio Ken Iannillo, Arthur Gervais, and Radu State. Confuzzius: A data dependency-aware hybrid fuzzer for smart contracts. In 2021 IEEE European Symposium on Security and Privacy (EuroS&P), page 103--119, Vienna, Austria, Sep 2021. IEEE. ISBN 978--1--66541--491--3. 2021.00018. URL https://ieeexplore.ieee.org/document/9581164/.
[85]
Itay Tsabary, Matan Yechieli, Alex Manuskin, and Ittay Eyal. Mad-htlc: Because htlc is crazy-cheap to attack. page 1230--1248, May 2021. 2021.00080.
[86]
Max von Hippel, Cole Vick, Stavros Tripakis, and Cristina Nita-Rotaru. Automated attacker synthesis for distributed protocols. In International Conference on Computer Safety, Reliability, and Security, pages 133--149. Springer, 2020.
[87]
SarishtWadhwa, Jannis Stoeter, Fan Zhang, and Kartik Nayak. He-htlc: Revisiting incentives in htlc. In Proceedings 2023 Network and Distributed System Security Symposium, San Diego, CA, USA, 2023. Internet Society. ISBN 978--1--891562--83- 9. URL https://www.ndss-symposium.org/wpcontent/ uploads/2023/02/ndss2023_f775_paper.pdf.
[88]
Ben Weintraub, Cristina Nita-Rotaru, and Stefanie Roos. Structural attacks on local routing in payment channel networks. In Workshop on Security & Privacy on the Blockchain, page 362--374. IEEE, Sep 2021. 2021.00046.
[89]
Ben Weintraub, Christof Ferreira Torres, Cristina Nita-Rotaru, and Radu State. A flash(bot) in the pan: Measuring maximal extractable value in private pools. In Proceedings of the 22nd ACM Internet Measurement Conference (IMC '22), Nice, France, 2022. Association for Computing Machinery. ISBN 978--1--4503--9259--4.
[90]
Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave Jing Tian, and Antonio Bianchi. Formal model-driven discovery of bluetooth protocol design vulnerabilities. In 2022 IEEE Symposium on Security and Privacy (SP), pages 2285--2303. IEEE, 2022.
[91]
Philipp Zabka, Klaus-T. Foerster, Stefan Schmid, and Christian Decker. Empirical evaluation of nodes and channels of the lightning network. Pervasive and Mobile Computing, 83:101584, Jul 2022. ISSN 1574--1192.
Index Terms
- Payout Races and Congested Channels: A Formal Analysis of Security in the Lightning Network
Recommendations
Securing Lightning Channels against Rational Miners
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications SecurityPayment channel networks (e.g., the Lightning Network in Bitcoin) constitute one of the most popular scalability solutions for blockchains. Their safety relies on parties being online to detect fraud attempts on-chain and being able to timely react by ...
Cerberus Channels: Incentivizing Watchtowers for Bitcoin
Financial Cryptography and Data SecurityAbstractBitcoin and similar blockchain systems have a limited transaction throughput because each transaction must be processed by all parties, on-chain. Payment channels relieve the blockchain by allowing parties to execute transactions off-chain while ...
Suborn Channels: Incentives Against Timelock Bribes
Financial Cryptography and Data SecurityAbstractAs the Bitcoin mining landscape becomes more competitive, analyzing potential attacks under the assumption of rational miners becomes increasingly relevant. In the rational setting, blockchain users can bribe miners to reap an unfair benefit. ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
December 2024
5188 pages
ISBN:9798400706363
DOI:10.1145/3658644
- General Chairs:
- Bo Luo,
- Xiaojing Liao,
- Jun Xu,
- Program Chairs:
- Engin Kirda,
- David Lie
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 December 2024
Check for updates
Badges
Author Tags
Qualifiers
- Research-article
Funding Sources
- National Sciecne Foundation
Conference
CCS '24
Sponsor:
CCS '24: ACM SIGSAC Conference on Computer and Communications Security
October 14 - 18, 2024
UT, Salt Lake City, USA
Acceptance Rates
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 112Total Downloads
- Downloads (Last 12 months)112
- Downloads (Last 6 weeks)112
Reflects downloads up to 17 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in