Secure Off-chain Transactions in Blockchain-based Payment Channel Networks

Abstract

Cryptocurrencies enable users to execute a financial transaction without relying on any third party. The use of Blockchain technology guarantees the security and immutability of transactions. Despite these features, blockchain-based financial transactions fail to compete with conventional payment systems like Visa, and PayPal, in terms of scalability. Layer 2 protocols built on top of blockchain solve the scaling difficulties that are faced by the major cryptocurrency networks. Payment Channel Network or PCN is one of the most widely deployed layer 2 protocols. Users are allowed to execute off-chain payments, leading to high throughput. PCN relies on the underlying blockchain for security. After studying the literature, we observed that routing and payment in PCN are the two most challenging tasks. The network is susceptible to attacks where malicious players can intentionally stall payments and eliminate their competitors from the network. In this thesis, we propose an efficient privacy-preserving distributed routing algorithm HushRelay. Experimental analysis shows that our proposed routing algorithm has a higher success ratio and lower execution time compared to the state-of-the-art. Given a set of routes, we propose an atomic and privacy-preserving multi-path payment protocol, CryptoMaze. No honest intermediary loses funds in the process, ensuring balance security. We observe that CryptoMaze is quite efficient and the communication overhead is within feasible bounds. We discuss the griefing attack, a major vulnerability in Bitcoin’s PCN, and propose an efficient countermeasure for the attack, termed Griefing-Penalty. The penalty charged compensates parties who incurred loss by locking funds. We propose a new payment protocol HTLC-GP or Hashed Timelock Contract with Griefing-Penalty that demonstrates the utility of the countermeasure. Finally, we have analyzed griefing attacks in the network from a game-theoretic point of view and observed that HTLC-GP is weakly effective in disincentivizing the attacker in certain conditions. To further increase the cost of attack, we introduce the concept of guaranteed minimum compensation and integrate it into HTLC-GP. This modified payment protocol, HTLC-GP , considers the participants to act rationally. By experimenting on several real instances of PCN, we observed that HTLC-GP is better than HTLC-GP to counter griefing attacks.