SorTEE: Service-Oriented Routing for Payment Channel Networks With Scalability and Privacy Protection

Abstract

Payment channel networks (PCNs) are emerged as the most widely deployed solution to mitigate the scalability problem of permissionless cryptocurrencies, allowing vast payments to be carried out off-chain. Routing, which finds feasible paths between the senders and receivers, is critical for PCNs. However, existing solutions either fail to achieve high scalability that can maintain low storage/computation/network communication overhead, or they are susceptible to privacy disclosure. In this paper, we propose SorTEE, a service-oriented routing solution for PCNs, which adopts a set of service nodes to alleviate the per-user burden of routing and achieves more comprehensive privacy guarantees than the state-of-the-art by leveraging trusted execution environments (TEEs). SorTEE demands users communicate with the TEE by the secure channel to protect the privacy of transaction value. Then, an oblivious path mechanism is designed to construct redundant paths with the pseudo senders and receivers generated by TEEs to confuse its untrusted controller. Further, we report a novel attack that allows malicious service nodes to drop the valid paths for profit, and design a feedback mechanism to relieve it. Moreover, SorTEE hides the identities of the senders/receivers for the intermediate nodes of payment paths by introducing a novel identity information transfer scheme called encrypted identity chain. Based on security analysis and performance evaluation, our results demonstrate that SorTEE is able to achieve sufficient privacy-preserving payment and low per-user overhead.