Hungarian researchers found flaws with the Lightning Network
The researchers of SZTAKI - Ferenc Béres and András Benczúr, and ELTE doctoral student István Seres - examined Lightning Network, the most popular payment channel network designed to solve Bitcoin problems - slowness and scalability. Lightning Network is not anonymous enough and may not work at all.
Bitcoin, Ethereum, and other cryptocurrencies form a new branch of cryptography that takes a huge leap forward in trust minimization: cryptocurrencies enable one to send money across the globe without trusting any banks or other financial intermediaries. Moreover, the whole state of the system, including all transactions stored in the blockchain, is publicly verifiable.
However, the price of decentralization and public verifiability is limited scalability. Bitcoin is able to process, on average, 7 transactions per second, while mainstream payment providers (Visa, Mastercard) process 40-50,000 transactions per second during peak hours. Furthermore, a cryptocurrency transaction is not guaranteed to finalize immediately after issuing it, and also the transaction fees may vary largely. The applied cryptography community is actively seeking solutions to alleviate the disadvantages and improve the scalability.
Payment Channels to Scale the Blockchain
Payment channel networks as additional layers on top cryptocurrencies form a prevalent scalability solution. They enable users to send payments that immediately finalize and incur negligible transaction fees.
Payment channel networks bring network science into crypto-economics research. This is the point where researchers of the Institute for Computer Science and Control (SZTAKI) in Hungary joined in. They use network science for a deeper understanding of payment channel network formation and economics.
Payment channel networks can be modelled by undirected weighted graphs where nodes denote users and edges between users represent payment channels. Users can send payments back and forth up to the capacity of the channel, whose validity is typically guaranteed by funds secured at the two ends of the channel. In this way, even if there is no direct payment channel between two users, they can securely route payments to each other through non-trusted third parties. Router nodes can claim transaction fees for routing these payments as a form of a return of investment for the funds they secure on their channels.
What is Lightning Network?
Lightning Network is the payment channel network of Bitcoin. Currently, Lightning Network is the most popular and mostly adopted payment channel network in the cryptocurrency industry with thousands of users and tens of thousands of payment channels. Many believe that Lightning Network will solve the scalability and privacy issues of Bitcoin, since by using Lightning Network, most transactions are not recorded in the slow and costly-to-maintain blockchain, but issued privately in the overlay network.
Our researchers were curious to quantitatively assess how these ambitious promises are currently fulfilled. First and foremost, it is crucial that routers are incentivized enough to forward payments. We observe that Lightning Network is a fairly centralized graph in which routing is mostly accomplished by a handful of nodes only. If they cease to operate, then the whole network becomes dysfunctional.
We have found that with the current level of usage and transaction fees, central router nodes essentially have no incentive to forward payments. This implies that if they acted financially rational, then they would charge fees higher by orders of magnitude than the current transaction fees. Our findings suggest that the Lightning Network, along with other smaller payment channel networks, operate probably only on the goodwill of a few enthusiastic nodes.
For any currency system, it is vital to provide financial privacy. Individuals and companies do not want to disclose their balances and their entire transaction history. Currently, all transactions of a Bitcoin address are public, hence if the Bitcoin address can be linked to a person, all transactions and balances are automatically revealed.
The privacy solution of Lightning Network payments is onion routing, which means that an intermediary gains no knowledge of its position in the payment route. If Alice’s payment is forwarded through a router node to Bob, the router cannot be sure whether Alice or one of Alice’s neighbors was the originator of the payment.
Unfortunately, onion routing turns out to be insufficient to fulfil the privacy provisions. We have confuted the common misbelief that payment channel networks provide strong payment privacy by measuring the topology of the network. Due to the small-world nature of the Lightning Network, most of the shortest and cheapest paths between any two pairs of nodes consist of only one or two hops. We measured that the routing nodes have strong statistical evidence of either the source or the target for more than 50% of the routed payments, which harms the privacy provisions of Lightning Network and reduces the fungibility of Bitcoin.
As an aftermath of our research, we expect to see more and more work in network science to spring into the cryptocurrency space. It is very much needed to understand and rigorously analyze cryptographic systems from a network perspective as well since many properties of cryptocurrencies (financial incentives, scalability, privacy) depend on their topological properties.
Our results published as preprint arXiv:1911.09432, https://arxiv.org/pdf/1911.09432 on 21 November 2019 raised fast response in the crypto-economics community, with Tweets by professor Emin Gün Sirer from Cornell, news portals from Germany to China and Brasil below.