TEE-Based Distributed Watchtowers for Fraud Protection in the Lightning Network

  • Marc LeinweberEmail author
  • Matthias Grundmann
  • Leonard Schönborn
  • Hannes Hartenstein
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11737)


The Lightning Network is a payment channel network built on top of the cryptocurrency Bitcoin. It allows Bitcoin to scale by performing transactions off-chain to reduce load on the blockchain. Malicious payment channel participants can try to commit fraud by closing channels with outdated balances. The Lightning Network allows resolving this dispute on the blockchain. However, this mechanism forces the channels’ participants to watch the blockchain in regular intervals. It has been proposed to offload this monitoring duty to a third party, called a watchtower. However, existing approaches for watchtowers do not scale as they have storage requirements linear in the number of updates in a channel. In this work, we propose TEE Guard, a new architecture for watchtowers that leverages the features of Trusted Execution Environments to build watchtowers that require only constant memory and are thus able to scale. We show that TEE Guard is deployable because it can run with the existing Bitcoin and Lightning Network protocols. We also show that it is economically viable for a third party to provide watchtower services. As a watchtower needs to be trusted to be watching the blockchain, we also introduce a mechanism that allows customers to verify that a watchtower has been running continuously.


  1. 1.
  2. 2.
    Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. HASP 2013, ACM, New York (2013)Google Scholar
  3. 3.
    Avarikioti, G., Kogias, E.K., Wattenhofer, R.: Brick: asynchronous state channels. arXiv preprint arXiv:1905.11360, May 2019
  4. 4.
    Avarikioti, G., Laufenberg, F., Sliwinski, J., Wang, Y., Wattenhofer, R.: Towards secure and efficient payment channels. arXiv preprint arXiv:1811.12740 (2018)
  5. 5.
    Bentov, I., et al.: Tesseract: Real-Time Cryptocurrency Exchange using Trusted Hardware. IACR Cryptology ePrint Archive 2017, 1153 (2017)Google Scholar
  6. 6.
    Bulck, J.V., et al.: Foreshadow: extracting the Keys to the Intel SGX Kingdom with transient out-of-order execution. In: 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD (2018)Google Scholar
  7. 7.
    Das, P., et al.: FastKitten: practical smart contracts on bitcoin. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 801–818. USENIX Association, Santa Clara.
  8. 8.
    Decker, C., Russell, R., Osuntokun, O.: eltoo: a simple Layer2 protocol for Bitcoin. White paper (2018).
  9. 9.
    Dryja, T.: Unlinkable Outsourced Channel Monitoring (10 2016), talk at Scaling Bitcoin, Milano (2016)Google Scholar
  10. 10.
    Grundmann, M., Leinweber, M., Hartenstein, H.: Banklaves: concept for a trustworthy decentralized payment service for Bitcoin. In: 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), pp. 268–276, May 2019.,
  11. 11.
  12. 12.
    Kaplan, D., Powell, J., Woller, T.: AMD Memory Encryption (2016).
  13. 13.
    Lee, D., Kohlbrenner, D., Shinde, S., Song, D., Asanović, K.: Keystone: A Framework for Architecting TEEs. arXiv preprint arXiv:1907.10119 (2019)
  14. 14.
    Lind, J., Eyal, I., Kelbert, F., Naor, O., Pietzuch, P.R., Sirer, E.G.: Teechain: Scalable Blockchain Payments using Trusted Execution Environments (2017).
  15. 15.
    Matetic, S., et al.: ROTE: Rollback Protection for Trusted Execution, pp. 1289–1306, August 2017.
  16. 16.
    McCorry, P., Bakshi, S., Bentov, I., Miller, A., Meiklejohn, S.: Pisa: Arbitration Outsourcing for State Channels. IACR Cryptology ePrint Archive 2018, 582 (2018)Google Scholar
  17. 17.
    McKeen, F., et al.: Innovative instructions and software model for isolated execution. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. HASP 2013. ACM, New York (2013)Google Scholar
  18. 18.
    Milutinovic, M., He, W., Wu, H., Kanwal, M.: Proof of luck: an efficient blockchain consensus protocol. In: Proceedings of the 1st Workshop on System Software for Trusted Execution. SysTEX 2016, pp. 2:1–2:6. ACM, New York (2016).
  19. 19.
    Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008).
  20. 20.
    Osuntokun, O.: Hardening Lightning (01 2018), talk at Blockchain Protocol Analysis and Security Engineering (2018)Google Scholar
  21. 21.
    Poon, J., Dryja, T.: The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments (2016).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Marc Leinweber
    • 1
    Email author
  • Matthias Grundmann
    • 1
  • Leonard Schönborn
    • 1
  • Hannes Hartenstein
    • 1
  1. 1.Karlsruhe Institute of TechnologyKarlsruheGermany

Personalised recommendations