Patrick McCorry
ABSTRACT
State channels are a leading approach for improving the scalability of blockchains and cryptocurrencies. They allow a group of distrustful parties to optimistically execute an application-defined program amongst themselves, while the blockchain serves as a backstop in case of a dispute or abort. This effectively bypasses the congestion, fees and performance constraints of the underlying blockchain in the typical case. However, state channels introduce a new and undesirable assumption that a party must remain online and synchronised with the blockchain at all times to defend against execution fork attacks. An execution fork can revert a state channel's history, potentially causing financial damage to a party that is innocent except for having crashed. To provide security even to parties that may go offline for an extended period of time, we present Pisa, the first protocol to propose an accountable third party who can be hired by parties to cancel execution forks on their behalf. To evaluate Pisa, we provide a proof-of-concept implementation for a simplified Sprites and we demonstrate that it is cost-efficient to deploy on the Ethereum network.
- An and Bellare. Does encryption with redundancy provide authenticity? In EUROCRYPT: Advances in Cryptology: Proceedings of EUROCRYPT, 2001.Google Scholar
- Iddo Bentov, Ranjit Kumaresan, and Andrew Miller. Instantaneous decentralized poker. In Asiacrypt, 2017.Google ScholarCross Ref
- bitbug42. Hackers tried to steal funds from a Lightning channel, just to end up losing theirs as the penalty system worked as expected. mar 2018.Google Scholar
- Conrad Burchert, Christian Decker, and Roger Wattenhofer. Scalable funding of bitcoin micropayment channel networks. In International Symposium on Stabilization, Safety, and Security of Distributed Systems, pages 361--377. Springer, 2017.Google ScholarCross Ref
- Alessandro Chiesa, Matthew Green, Jingcheng Liu, Peihan Miao, Ian Miers, and Pratyush Mishra. Decentralized anonymous micropayments. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 609--642. Springer, 2017.Google ScholarCross Ref
- Loredana Cirstea. Monitoring service: on-chain rewards proposal, 2018. https://github.com/raiden-network/spec/issues/46.Google Scholar
- Jeff Coleman. http://www.jeffcoleman.ca/state-channels/, November 2015.Google Scholar
- Kyle Croman, Christian Decker, Ittay Eyal, Adem Efe Gencer, Ari Juels, Ahmed Kosba, Andrew Miller, Prateek Saxena, Elaine Shi, and Emin Gün. On scaling decentralized blockchains. In Proc. 3rd Workshop on Bitcoin and Blockchain Research, 2016.Google ScholarCross Ref
- Christian Decker and Roger Wattenhofer. A fast and scalable payment network with bitcoin duplex micropayment channels. In Stabilization, Safety, and Security of Distributed Systems, pages 3--18. Springer, 2015.Google ScholarDigital Library
- Thaddeus Dryja. Unlinkable outsourced channel monitoring, 2016. https://youtu.be/Gzg_u9gHc5Q?t=2875.Google Scholar
- Stefan Dziembowski, Lisa Eckey, Sebastian Faust, and Daniel Malinowski. Perun: Virtual payment channels over cryptographic currencies. IACR Cryptology ePrint Archive, 2017:635, 2017.Google Scholar
- Stefan Dziembowski, Sebastian Faust, and Kristina Hostakova. Foundations of state channel networks. IACR Cryptology ePrint Archive, 2018:320, 2018.Google Scholar
- Oded Goldreich. Foundations of Cryptography: Basic Tools, volume 1. Cambridge University Press, 2001.Google ScholarCross Ref
- Matthew Green and Ian Miers. Bolt: Anonymous payment channels for decentralized currencies. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 473--489. ACM, 2017.Google ScholarDigital Library
- Garrett Hardin. The tragedy of the commons. In Science 162, pages 1243--1248, 1968.Google ScholarCross Ref
- Alyssa Hertig. Bitcoin Lightning Fraud? Laolu Is Building a 'Watchtower' to Fight It. Coindesk, February 2018. https://www.coindesk.com/laolu-building-watchtower-fìght-bitcoin-lightning-fraud/.Google Scholar
- Rami Khalil and Arthur Gervais. Revive: Rebalancing off-blockchain payment networks. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 439--453. ACM, 2017.Google ScholarDigital Library
- Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In Security and Privacy (SP), 2016 IEEE Symposium on, pages 839--858. IEEE, 2016.Google ScholarCross Ref
- Joshua Lind, Ittay Eyal, Florian Kelbert, Oded Naor, Peter R. Pietzuch, and Emin Gün Sirer. Teechain: Scalable blockchain payments using trusted execution environments. CoRR, abs/1707.05454, 2017.Google Scholar
- Loi Luu. Bringing bitcoin to ethereum. April 2018. https://blog.kyber.network/bringing-bitcoin-to-ethereum-7bf29db88b9a.Google Scholar
- Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei, and Srivatsan Ravi. Concurrency and privacy with payment-channel networks. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 455--471. ACM, 2017.Google ScholarDigital Library
- Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun. ROTE: Rollback protection for trusted execution, 2017. http://eprint.iacr.org/2017/048.Google Scholar
- Patrick McCorry, Ethan Heilman, and Andrew Miller. Atomically trading with roger: Gambling on the success of a hardfork. In Data Privacy Management, Cryptocurrencies and Blockchain Technology, pages 334--353. Springer, 2017.Google ScholarCross Ref
- Patrick McCorry, Malte Möser, Siamak F Shahandasti, and Feng Hao. Towards bitcoin payment networks. In Australasian Conference on Information Security and Privacy, pages 57--76. Springer, 2016.Google ScholarDigital Library
- Andrew Miller, Iddo Bentov, Ranjit Kumaresan, and Patrick McCorry. Sprites: Payment channels that go faster than lightning. CoRR, abs/1702.05812, 2017.Google Scholar
- Rachel Rose O'Leary. Blockchain bloat: How ethereum is tackling storage issues. January 2018. https://www.coindesk.com/blockchain-bloat-ethereum-clients-tackling-storage-issues/.Google Scholar
- Olaoluwa Osuntokun. Hardening Lightning. BPASE, February 2018. https://cyber.stanford.edu/sites/default/files/hardening_lightning_updated.pdf.Google Scholar
- Rafael Pass and abhi shelat. A course in cryptography, 2007. http://www.cs.cornell.edu/courses/cs4830/2010fa/lecnotes.pdf.Google Scholar
- Rafael Pass et al. Micropayments for decentralized currencies. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 207--218. ACM, 2015.Google Scholar
- David Pointcheval and Jacques Stern. Security proofs for signature schemes. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 387--398. Springer, 1996.Google ScholarCross Ref
- Joseph Poon and Thaddeus Dryja. The bitcoin lightning network: Scalable off-chain instant payments. draft version 0.5, 9:14, 2016.Google Scholar
- Tim Ruffing, Aniket Kate, and Dominique Schröder. Liar, liar, coins on fire!: Penalizing equivocation by loss of bitcoins. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 219--230. ACM, 2015.Google ScholarDigital Library
- Raoul Strackx and Frank Piessens. Ariadne: A minimal approach to state continuity. In 25th USENIX Security, 2016.Google Scholar
- Serge Vaudenay. The security of dsa and ecdsa. In International Workshop on Public Key Cryptography, pages 309--323. Springer, 2003.Google ScholarCross Ref
- Vitalik Buterin. A simple and principled way to compute rent fees. March 2018. https://ethresear.ch/t/a-simple-and-principled-way-to-compute-rent-fees/1455.Google Scholar
Recommendations
PISA: Pixel skipping-based attentional black-box adversarial attack
AbstractThe studies on black-box and evolutionary algorithm-based adversarial attacks have become increasingly popular due to the intractable acquisition of the structural knowledge of deep neural networks (DNNs). However, the performance of ...
Protocols for Multiparty Coin Toss with a Dishonest Majority
Coin-tossing protocols are protocols that generate a random bit with uniform distribution, although some corrupted parties might try to bias the output. These protocols are used as a building block in many cryptographic protocols. Cleve (Proc. of the ...
Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious
Proceedings, Part I, of the 14th International Conference on Theory of Cryptography - Volume 9985An $$\alpha $$α-fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than $$\alpha $$α. Cleve [STOC 1986] has shown that if half of the ...
Comments