Cross-Layer Deanonymization Methods in the Lightning Protocol

TL;DR

This paper introduces methods to link Lightning Network nodes with Bitcoin addresses, revealing significant privacy vulnerabilities and demonstrating that LN users are vulnerable to deanonymization by a small number of actors.

Contribution

It presents the first systematic approach to cross-layer deanonymization linking LN nodes with BTC addresses, highlighting privacy risks in the Lightning Protocol.

Findings

Linking heuristics connect 45.97% of LN nodes to 29.61% BTC addresses.

Deanonymization attributes information to 21.19% of BTC addresses.

LN privacy is weaker than previously believed, with few actors controlling a large portion of capacity.

Abstract

Bitcoin (BTC) pseudonyms (layer 1) can effectively be deanonymized using heuristic clustering techniques. However, while performing transactions off-chain (layer 2) in the Lightning Network (LN) seems to enhance privacy, a systematic analysis of the anonymity and privacy leakages due to the interaction between the two layers is missing. We present clustering heuristics that group BTC addresses, based on their interaction with the LN, as well as LN nodes, based on shared naming and hosting information. We also present linking heuristics that link 45.97% of all LN nodes to 29.61% BTC addresses interacting with the LN. These links allow us to attribute information (e.g., aliases, IP addresses) to 21.19% of the BTC addresses contributing to their deanonymization. Further, these deanonymization results suggest that the security and privacy of LN payments are weaker than commonly believed, with LN users being at the mercy of as few as five actors that control 36 nodes and over 33% of the total capacity. Overall, this is the first paper to present a method for linking LN nodes with BTC addresses across layers and to discuss privacy and security implications.