Abstract

Payment channel networks (PCNs) are emerged as the most widely deployed solution to mitigate the scalability problem of permissionless cryptocurrencies, allowing vast payments to be carried out off-chain. Routing, which finds feasible paths between the senders and receivers, is critical for PCNs. However, existing solutions either fail to achieve high scalability that can maintain low storage/computation/network communication overhead, or they are susceptible to privacy disclosure. In this paper, we propose SorTEE, a service-oriented routing solution for PCNs, which adopts a set of service nodes to alleviate the per-user burden of routing and achieves more comprehensive privacy guarantees than the state-of-the-art by leveraging trusted execution environments (TEEs). SorTEE demands users communicate with the TEE by the secure channel to protect the privacy of transaction value. Then, an oblivious path mechanism is designed to construct redundant paths with the pseudo senders and receivers generated by TEEs to confuse its untrusted controller. Further, we report a novel attack that allows malicious service nodes to drop the valid paths for profit, and design a feedback mechanism to relieve it. Moreover, SorTEE hides the identities of the senders/receivers for the intermediate nodes of payment paths by introducing a novel identity information transfer scheme called encrypted identity chain. Based on security analysis and performance evaluation, our results demonstrate that SorTEE is able to achieve sufficient privacy-preserving payment and low per-user overhead.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.