Abstract
The Lightning Network is a payment channel network built on top of the cryptocurrency Bitcoin. It allows Bitcoin to scale by performing transactions off-chain to reduce load on the blockchain. Malicious payment channel participants can try to commit fraud by closing channels with outdated balances. The Lightning Network allows resolving this dispute on the blockchain. However, this mechanism forces the channels’ participants to watch the blockchain at regular intervals. It has been proposed to offload this monitoring duty to a third party, called a watchtower. However, existing approaches for watchtowers do not scale, as they have storage requirements linear in the number of updates in a channel. In this work, we propose TEE Guard, a new architecture for watchtowers that leverages the features of Trusted Execution Environments to build watchtowers that require only constant memory and are thus able to scale. We show that TEE Guard is deployable because it can run with the existing Bitcoin and Lightning Network protocols. We also show that it is economically viable for a third party to provide watchtower services. As a watchtower needs to be trusted to be watching the blockchain, we also introduce a mechanism that allows customers to verify that a watchtower has been running continuously.
Notes
1. More specifically, this means that the transaction id of the input equals a funding_txid contained in the list of monitored channels.
2. https://calculator.aws/#/configureEc2, June 2019.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Leinweber, M., Grundmann, M., Schönborn, L., Hartenstein, H. (2019). TEE-Based Distributed Watchtowers for Fraud Protection in the Lightning Network. In: Pérez-Solà, C., Navarro-Arribas, G., Biryukov, A., Garcia-Alfaro, J. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM 2019, CBT 2019. Lecture Notes in Computer Science, vol 11737. Springer, Cham. https://doi.org/10.1007/978-3-030-31500-9_11
DOI: https://doi.org/10.1007/978-3-030-31500-9_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31499-6
Online ISBN: 978-3-030-31500-9
eBook Packages: Computer Science, Computer Science (R0)