Structural Attacks on Local Routing in Payment Channel Networks

TL;DR

This paper investigates how local knowledge routing algorithms in payment channel networks are vulnerable to structural attacks that can cause denial-of-service, especially in highly centralized network topologies.

Contribution

It demonstrates the effectiveness of structural attacks on local routing protocols like SpeedyMurmurs and analyzes how network topology influences attack success.

Findings

Centrality-based attacks are near-optimal in effectiveness.

Less centralized networks are more resilient to these attacks.

Participants can incentivize less centralized topologies.

Abstract

Payment channel networks (PCN) enable scalable blockchain transactions without fundamentally changing the underlying distributed ledger algorithm. However, routing a payment via multiple channels in a PCN requires locking collateral for potentially long periods of time. Adversaries can abuse this mechanism to conduct denial-of-service attacks. Previous work focused on source routing, which is unlikely to remain a viable routing approach as these networks grow. In this work, we examine the effectiveness of attacks in PCNs that use routing algorithms based on local knowledge, where compromised intermediate nodes can delay or drop transactions to create denial-of-service. We focus on SpeedyMurmurs as a representative of such protocols. We identify two attacker node selection strategies; one based on the position in the routing tree, and the other on betweenness centrality. Our simulation-driven study shows that while they are both effective, the centrality-based attack approaches near-optimal effectiveness. We also show that the attacks are ineffective in less centralized networks and discuss incentives for the participants in PCNs to create less centralized topologies through the payment channels they establish among themselves.