Researchers Highlight Privacy Issues With Lightning Network

Published at: April 17, 2020

Researchers from the Norwegian University and the University of Luxembourg have published a research paper detailing an attack that can deanonymize transactions broadcast across Bitcoin’s Lightning Network. 

The Lightning Network emerged as a controversial compromise from the Bitcoin (BTC) block limit and scalability debate. It’s a second layer solution that facilitates near-instant, low-cost Bitcoin transactions. Proponents claim it offers privacy by implementing segregated witness (SegWit).

University students crack Lightning channel balances

Four researchers from universities in Norway and Luxembourg including Bitcoin, along with Lightning community developer Ren Pickhardt, contributed to the research. The academics claim to have used transfer routing to ‘probe’ Lightning channels and discover the sum of Bitcoin held in balances. 

The paper describes the ‘probe attack’ as taking “under a minute per channel” and requiring “moderate capital commitment and no expenditures”. 

Routed transfers exploited to reveal balances

Payments are processed over the Lightning Network, either directly between two parties, or routed — that’s where an individual sends funds to a channel they do not have direct access to via a mutual third-parties.

By using a myriad of routed transactions on the Bitcoin testnet the researchers were able to reveal channel balances. The attack is virtually free to execute, with the researchers configuring all transactions underpinning its probing attacks to fail “either due to insufficient balance or due to intentionally wrong hash value.” 

Solutions have privacy-efficiency trade-offs

The team proposes several potential solutions to the probing attack, however, emphasize that each possible fix requires a trade-off between privacy and efficiency.

The scholars proposed modifications to Lightning’s protocol that would reduce transaction efficiency, in addition to new way to broadcast channel balances — although the method undermines privacy.

Ultimately, the researchers argue that a combination of both approaches is the optimal solution — where private data is hidden when feasible, and public data is also utilized for higher routing efficiency.

The Lightning Network currently comprises over 11,000 nodes, 36,000 payment channels, and holds roughly 900 BTC.

Tags
Related Posts
The Future of Crypto: The Latest Cryptography Advances Set to Change Blockchain
Cryptocurrencies could not exist without cryptography. Advances in this field can have far-reaching impacts on blockchain technology and its potential. We will examine the opinions of industry experts on the latest cryptographic advances and their potential for cryptocurrencies. Zero knowledge proofs: more than just privacy Director of research at blockchain firm Blockstream and mathematician Andrew Poelstra told Cointelegraph that zero-knowledge proof (ZK-Proof) systems are “one of the most exciting areas of development” in the cryptography space. This kind of cryptography is known and appreciated for being the basis of privacy-preserving solutions. ZK-Proofs are the basis of the privacy-preserving technology included …
Blockchain / Feb. 20, 2020
Charles Hoskinson: Blockstream Founder Adam Back 'Checks All The Boxes' as Satoshi
In a recent Cointelgraph interview, Ethereum co-founder and Cardano founder Charles Hoskinon said that he believes that Adam Back “checks all the boxes” as a Satoshi Nakamoto candidate. The puzzle of Satoshi’s true identity never seems to get old. Although Hoskinson admits that he does not have any hard evidence connecting the Blockstream’s founder to the pseudonymous Bitcoin creator, he did make a mental profile of Satoshi — Back seemingly has a perfect fit. Hoskinson believes that Satoshi was somebody, who lived either in Western Europe of the coastal United States, was comfortable with British English, and had a background …
Bitcoin / May 26, 2020
What Are Zk-SNARKs and How Do They Affect Digital Privacy?
At a time when technology can be used as both a mechanism for privacy intrusions and a tool for protecting privacy, the prescient sentiment of cypherpunks in the 1990s of cryptography as the last defense against a digital surveillance dystopia rings truer than ever. And one of the most potent instruments for defending digital privacy has recently gained significant momentum thanks to the advent of cryptocurrencies. An iteration of zero-knowledge proofs, trustless zero-knowledge proof systems that are also referred to as zk-SNARKs are a powerful cryptographic primitive that can sever any tractable piece of data between two parties over a …
Blockchain / March 5, 2020
Blockstream dreams up a whole new type of multisig called ROAST
The research unit of Bitcoin (BTC)-focused blockchain tech firm Blockstream has published a proposal for a new type of multisignature standard called Robust Asynchronous Schnorr Threshold Signatures (ROAST). It hopes to avoid the problem of transaction failures due to absent or even malicious signers and can work at scale. The term multisig, or multisignature, refers to a method of transaction in which two or more signatures are required to sign off before it can be executed. The standard is widely adopted in crypto. According to a Wednesday blog post from Blockstream research, the basic idea of ROAST is to make …
Blockchain / May 25, 2022
The Lightning Network Lunch: A Bitcoin contactless payment story
The Lightning Network (LN) just got a bit faster, as the suitably named Bolt Card now enables Bitcoin (BTC) enthusiasts to pay for goods and services using contactless technology. A data analyst at the company behind the card, CoinCorner, took the Bolt card on a trial run on the Isle of Man, a British Crown dependency in the Irish Sea. “MSW” — as he is known — tapped to pay at more than eight point-of-sale (PoS) devices during his lunchtime investigation. It worked like this: For any PoS device showing a Lightning invoice, MSW simply hovered the NFC-enabled Bolt Card …
Adoption / May 18, 2022