Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol

Oğuzhan Ersoy; Pedro Moreno-Sanchez; Stefanie Roos

doi:10.1007/978-3-031-47751-5_6

Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol

Oğuzhan Ersoy^*, Pedro Moreno-Sanchez, Stefanie Roos

^*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

9 Downloads (Pure)

Abstract

The Lightning Network provides almost-instant payments to its parties. In addition to direct payments requiring a shared payment channel, parties can pay each other in the form of multi-hop payments via existing channels. Such multi-hop payments rely on a 2-phase commit protocol to achieve balance security; that is, no honest intermediary party loses her coins. Unfortunately, failures or attacks in this 2-phase commit protocol can lead to coins being committed (locked) in a payment for extended periods of time (in the order of days in the worst case). During these periods, parties cannot go offline without losing funds due to their existing commitments, even if they use watchtowers. Furthermore, they cannot use the locked funds for initiating or forwarding new payments, reducing their opportunities to use their coins and earn fees. We introduce Bailout, the first protocol that allows intermediary parties in a multi-hop payment to unlock their coins before the payment completes by re-routing the payment over an alternative path. We achieve this by creating a circular payment route starting from the intermediary party in the opposite direction of the original payment. Once the circular payment is locked, both payments are canceled for the intermediary party, which frees the coins of the corresponding channels. This way, we create an alternative route for the ongoing multi-hop payment without involving the sender or receiver. The parties on the alternative path are incentivized to participate through fees. We evaluate the utility of our protocol using a real-world Lightning Network snapshot. Bailouts may fail due to insufficient balance in alternative paths used for re-routing. We find that attempts of a node to bailout typically succeed with a probability of more than 94% if at least one alternative path exists.

Original language	English
Title of host publication	Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers
Editors	Foteini Baldimtsi, Christian Cachin
Publisher	Springer
Pages	92-109
Number of pages	18
ISBN (Print)	9783031477508
DOIs	https://doi.org/10.1007/978-3-031-47751-5_6
Publication status	Published - 2024
Event	27th International Conference on Financial Cryptography and Data Security, FC 2023 - Bol, Croatia Duration: 1 May 2023 → 5 May 2023

Publication series

Name	Lecture Notes in Computer Science
Volume	13951
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	27th International Conference on Financial Cryptography and Data Security, FC 2023
Country/Territory	Croatia
City	Bol
Period	1/05/23 → 5/05/23

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Access to Document

10.1007/978-3-031-47751-5_6

978-3-031-47751-5_6Final published version, 623 KB

Cite this

Ersoy, O., Moreno-Sanchez, P., & Roos, S. (2024). Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol. In F. Baldimtsi, & C. Cachin (Eds.), Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers (pp. 92-109). (Lecture Notes in Computer Science; Vol. 13951). Springer. https://doi.org/10.1007/978-3-031-47751-5_6

@inproceedings{1427bcc243764ad29979142aec064fc9,

title = "Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol",

abstract = "The Lightning Network provides almost-instant payments to its parties. In addition to direct payments requiring a shared payment channel, parties can pay each other in the form of multi-hop payments via existing channels. Such multi-hop payments rely on a 2-phase commit protocol to achieve balance security; that is, no honest intermediary party loses her coins. Unfortunately, failures or attacks in this 2-phase commit protocol can lead to coins being committed (locked) in a payment for extended periods of time (in the order of days in the worst case). During these periods, parties cannot go offline without losing funds due to their existing commitments, even if they use watchtowers. Furthermore, they cannot use the locked funds for initiating or forwarding new payments, reducing their opportunities to use their coins and earn fees. We introduce Bailout, the first protocol that allows intermediary parties in a multi-hop payment to unlock their coins before the payment completes by re-routing the payment over an alternative path. We achieve this by creating a circular payment route starting from the intermediary party in the opposite direction of the original payment. Once the circular payment is locked, both payments are canceled for the intermediary party, which frees the coins of the corresponding channels. This way, we create an alternative route for the ongoing multi-hop payment without involving the sender or receiver. The parties on the alternative path are incentivized to participate through fees. We evaluate the utility of our protocol using a real-world Lightning Network snapshot. Bailouts may fail due to insufficient balance in alternative paths used for re-routing. We find that attempts of a node to bailout typically succeed with a probability of more than 94% if at least one alternative path exists.",

author = "Oğuzhan Ersoy and Pedro Moreno-Sanchez and Stefanie Roos",

note = "Green Open Access added to TU Delft Institutional Repository {\textquoteleft}You share, we take care!{\textquoteright} – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. ; 27th International Conference on Financial Cryptography and Data Security, FC 2023 ; Conference date: 01-05-2023 Through 05-05-2023",

year = "2024",

doi = "10.1007/978-3-031-47751-5_6",

language = "English",

isbn = "9783031477508",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "92--109",

editor = "Foteini Baldimtsi and Christian Cachin",

booktitle = "Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers",

}

Ersoy, O, Moreno-Sanchez, P & Roos, S 2024, Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol. in F Baldimtsi & C Cachin (eds), Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers. Lecture Notes in Computer Science, vol. 13951, Springer, pp. 92-109, 27th International Conference on Financial Cryptography and Data Security, FC 2023, Bol, Croatia, 1/05/23. https://doi.org/10.1007/978-3-031-47751-5_6

Get Me Out of This Payment! Bailout: An HTLC Re-routing Protocol. / Ersoy, Oğuzhan; Moreno-Sanchez, Pedro; Roos, Stefanie.
Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers. ed. / Foteini Baldimtsi; Christian Cachin. Springer, 2024. p. 92-109 (Lecture Notes in Computer Science; Vol. 13951).

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Get Me Out of This Payment! Bailout

T2 - 27th International Conference on Financial Cryptography and Data Security, FC 2023

AU - Ersoy, Oğuzhan

AU - Moreno-Sanchez, Pedro

AU - Roos, Stefanie

N1 - Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

PY - 2024

Y1 - 2024

N2 - The Lightning Network provides almost-instant payments to its parties. In addition to direct payments requiring a shared payment channel, parties can pay each other in the form of multi-hop payments via existing channels. Such multi-hop payments rely on a 2-phase commit protocol to achieve balance security; that is, no honest intermediary party loses her coins. Unfortunately, failures or attacks in this 2-phase commit protocol can lead to coins being committed (locked) in a payment for extended periods of time (in the order of days in the worst case). During these periods, parties cannot go offline without losing funds due to their existing commitments, even if they use watchtowers. Furthermore, they cannot use the locked funds for initiating or forwarding new payments, reducing their opportunities to use their coins and earn fees. We introduce Bailout, the first protocol that allows intermediary parties in a multi-hop payment to unlock their coins before the payment completes by re-routing the payment over an alternative path. We achieve this by creating a circular payment route starting from the intermediary party in the opposite direction of the original payment. Once the circular payment is locked, both payments are canceled for the intermediary party, which frees the coins of the corresponding channels. This way, we create an alternative route for the ongoing multi-hop payment without involving the sender or receiver. The parties on the alternative path are incentivized to participate through fees. We evaluate the utility of our protocol using a real-world Lightning Network snapshot. Bailouts may fail due to insufficient balance in alternative paths used for re-routing. We find that attempts of a node to bailout typically succeed with a probability of more than 94% if at least one alternative path exists.

AB - The Lightning Network provides almost-instant payments to its parties. In addition to direct payments requiring a shared payment channel, parties can pay each other in the form of multi-hop payments via existing channels. Such multi-hop payments rely on a 2-phase commit protocol to achieve balance security; that is, no honest intermediary party loses her coins. Unfortunately, failures or attacks in this 2-phase commit protocol can lead to coins being committed (locked) in a payment for extended periods of time (in the order of days in the worst case). During these periods, parties cannot go offline without losing funds due to their existing commitments, even if they use watchtowers. Furthermore, they cannot use the locked funds for initiating or forwarding new payments, reducing their opportunities to use their coins and earn fees. We introduce Bailout, the first protocol that allows intermediary parties in a multi-hop payment to unlock their coins before the payment completes by re-routing the payment over an alternative path. We achieve this by creating a circular payment route starting from the intermediary party in the opposite direction of the original payment. Once the circular payment is locked, both payments are canceled for the intermediary party, which frees the coins of the corresponding channels. This way, we create an alternative route for the ongoing multi-hop payment without involving the sender or receiver. The parties on the alternative path are incentivized to participate through fees. We evaluate the utility of our protocol using a real-world Lightning Network snapshot. Bailouts may fail due to insufficient balance in alternative paths used for re-routing. We find that attempts of a node to bailout typically succeed with a probability of more than 94% if at least one alternative path exists.

UR - http://www.scopus.com/inward/record.url?scp=85180635652&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-47751-5_6

DO - 10.1007/978-3-031-47751-5_6

M3 - Conference contribution

AN - SCOPUS:85180635652

SN - 9783031477508

T3 - Lecture Notes in Computer Science

SP - 92

EP - 109

BT - Financial Cryptography and Data Security - 27th International Conference, FC 2023, Revised Selected Papers

A2 - Baldimtsi, Foteini

A2 - Cachin, Christian

PB - Springer

Y2 - 1 May 2023 through 5 May 2023

ER -