Toward Active and Passive Confidentiality Attacks On Cryptocurrency Off-Chain Networks
It addresses privacy vulnerabilities in off-chain cryptocurrency networks, which are incremental improvements to existing security analyses.
This paper investigates how gossip and probing mechanisms in cryptocurrency off-chain networks like Lightning and Raiden can be exploited to infer sensitive transaction flow information, identifying an active probing attack to detect maximum transferable amounts and a passive timing attack to discover payment destination proximity, and proposes remediations for accurate attack scenarios.
Cryptocurrency off-chain networks such as Lightning (e.g., Bitcoin) or Raiden (e.g., Ethereum) aim to increase the scalability of traditional on-chain transactions. To support nodes in learning about possible paths to route their transactions, these networks need to provide gossip and probing mechanisms. This paper explores whether these mechanisms may be exploited to infer sensitive information about the flow of transactions, and eventually harm privacy. In particular, we identify two threats, related to an active and a passive adversary. The first is a probing attack: here the adversary aims to detect the maximum amount which is transferable in a given direction over a target channel by actively probing it and differentiating the response messages it receives. The second is a timing attack: the adversary discovers how close the destination of a routed payment actually is, by acting as a passive man-in-the middle and analyzing the time deltas between sent messages and their corresponding responses. We then analyze the limitations of these attacks and propose remediations for scenarios in which they are able to produce accurate results.