Aumayr, L., Moreno-Sanchez, P., Kate, A., & Maffei, M. (2023). Breaking and Fixing Virtual Channels: Domino Attack and Donner. In Proceedings Network and Distributed System Security Symposium 2023. 30th Annual Network and Distributed System Security Symposium (NDSS) 2023, San Diego, United States of America (the). https://doi.org/10.14722/ndss.2023.24370
Payment channel networks (PCNs) mitigate the scalability issues of current decentralized cryptocurrencies. They allow for arbitrarily many payments between users connected through a path of intermediate payment channels, while requiring interacting with the blockchain only to open and close the channels. Unfortunately, PCNs are (i) tailored to payments, excluding more complex smart contract functionalities, such as the oracle-enabling Discreet Log Contracts and (ii) their need for active participation from intermediaries may make payments unreliable, slower, expensive, and privacy-invasive. Virtual channels are among the most promising techniques to mitigate these issues, allowing two endpoints of a path to create a direct channel over the intermediaries without any interaction with the blockchain. After such a virtual channel is constructed, (i) the endpoints can use this direct channel for applications other than payments and (ii) the intermediaries are no longer involved in updates.
In this work, we first introduce the Domino attack, a new DoS/griefing style attack that leverages virtual channels to destruct the PCN itself and is inherent to the design adopted by the existing Bitcoin-compatible virtual channels. We then demonstrate its severity by a quantitative analysis on a snapshot of the Lightning Network (LN), the most widely deployed PCN at present. We finally discuss other serious drawbacks of existing virtual channel designs, such as the support for only a single intermediary, a latency and blockchain overhead linear in the path length, or a non-constant storage overhead per user.
We then present Donner, the first virtual channel construction that overcomes the shortcomings above, by relying on a novel design paradigm. We formally define and prove security and privacy properties in the Universal Composability framework. Our evaluation shows that Donner is efficient, reduces the on-chain number of transactions for disputes from linear in the path length to a single one, which is the key to prevent Domino attacks, and reduces the storage overhead from logarithmic in the path length to constant. Donner is Bitcoin-compatible and can be easily integrated in the LN.
en
Project title:
Security and Privacy for the COMIT Network: Funding Agreement coblox (CoBloX Pty Ltd.) Foundations and Tools for Client-Side Web Security: 771527 (Europäischer Forschungsrat (ERC)) Cryptographic Foundations for Future-proof Internet Security: P31621-N38 (FWF Fonds zur Förderung der wissenschaftlichen Forschung (FWF)) SBA - COOP COMET SBA2: 843274 (FFG - Österr. Forschungsförderungs- gesellschaft mbH) Forschungszentrum für Cybersicherheit und Datenschutz in Wien: ViSP (Wirtschaftsagentur Wien Ein Fonds der Stadt Wien) Blockchaintechnologien für das Internet der Dinge: CDL-BOT (Christian Doppler Forschungsgesells)
-
Project (external):
National Science Foundation Madrid regional government EIE Funds of the European Union HACRYPT IJC2020-043391-I/MCIN/AEI/10.13039/501100011033 European Union NextGenerationEU/PRTR MCIN/AEI/10.13039/501100011033/ and the European Union NextGenerationEU/PRTR SCUM Project
-
Project ID:
CNS-1846316 S2018/TCS-4339 (BLOQUES-CM) N00014-19-1-2292 PRODIGY Project TED2021-132464B-I00 (RTI2018- 102043-B-I00) MCIN/AEI/10.13039/501100011033/ERDF A way of making Europe.