Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks
This work addresses privacy vulnerabilities for users of Bitcoin's Lightning Network, revealing a practical attack that deanonymizes payments, which is an incremental but critical finding for security in payment channel networks.
The paper tackles the privacy problem in the Lightning Network by demonstrating that timing attacks on HTLC state negotiation messages can subvert its privacy guarantees, enabling adversaries to infer payment endpoints with high precision and recall, as shown through simulations where controlling a small number of malicious nodes observes a large share of payments.
The Lightning Network is a scaling solution for Bitcoin that promises to enable rapid and private payment processing. In Lightning, multi-hop payments are secured by utilizing Hashed Time-Locked Contracts (HTLCs) and encrypted on the network layer by an onion routing scheme to avoid information leakage to intermediate nodes. In this work, we however show that the privacy guarantees of the Lightning Network may be subverted by an on-path adversary conducting timing attacks on the HTLC state negotiation messages. To this end, we provide estimators that enable an adversary to reduce the anonymity set and infer the likeliest payment endpoints. We developed a proof-of-concept measurement node that shows the feasibility of attaining time differences and evaluate the adversarial success in model-based network simulations. We find that controlling a small number malicious nodes is sufficient to observe a large share of all payments, emphasizing the relevance of the on-path adversary model. Moreover, we show that adversaries of different magnitudes could employ timing-based attacks to deanonymize payment endpoints with high precision and recall.