Skip to main content

Congestion Attacks in Payment Channel Networks

Part of the Lecture Notes in Computer Science book series (LNSC,volume 12675)


Payment channel networks provide a fast and scalable solution to relay funds, acting as a second layer to slower and less scalable blockchain protocols. In this paper, we present an accessible, low-cost attack in which the attacker paralyzes multiple payment network channels for several days. The attack is based on overloading channels with requests that are kept unresolved until their expiration time. Reaching the maximum allowed unresolved requests (\(\mathtt {HTLCs}\)) locks the channel for new payments. The attack is in fact inherent to the way off-chain networks are constructed, since limits on the number of unresolved payments are derived from limits on the blockchain. We consider three versions of the attack: one in which the attacker attempts to block as many high liquidity channels as possible, one in which it disconnects as many pairs of nodes as it can, and one in which it tries to isolate individual nodes from the network. We evaluate the costs of these attacks on Bitcoin’s Lightning Network and compare how changes in the network have affected the cost of attack. Specifically, we consider how recent changes to default parameters in each of the main Lightning implementations contribute to the attacks. Finally, we suggest mitigation techniques that make these attacks much harder to carry out.


  • Lightning Network
  • Payment channel networks
  • Network security
  • HTLC

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-662-64331-0_9
  • Chapter length: 19 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   79.99
Price excludes VAT (USA)
  • ISBN: 978-3-662-64331-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   99.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.


  1. 1.

    We were able to find public record describing the basic idea of the attack, on a single channel [8, 31]. We note that no full translation of this vulnerability to the entire network was previously considered. Due to the public nature of these posts, we did not perform a disclosure of the vulnerability to the devs.

  2. 2.

    We give the defaults used in mainnet. Testnet behavior differs slightly.

  3. 3.

    We ignore disabled channels and channels with nodes that do not reveal their policies.

  4. 4.

    The snapshot from Mar 9th, 2019 was taken from [29, 30].


  1. Fundingmanager: configurable remote max HTLCs [lnd pull request #4527], August 2020.

  2. Avarikioti, G., Laufenberg, F., Sliwinski, J., Wang, Y., Wattenhofer, R.: Towards secure and efficient payment channels. arXiv preprint arXiv:1811.12740 (2018)

  3. Bastien Teinturier, A.R., Jager, J.: Spamming the lightning network, October 2020.

  4. BitInfoCharts: Bitcoin avg. transaction fee historical chart (2020).

  5. C-Lightning: A lightning network implementation in c (2020).

  6. Dziemian, C.: Summary of the second lightning development summit (2018). [Lightning-dev]

  7. Eclair: A scala implementation of the lightning network (2020).

  8. EmelyanenkoK: lightning-rfc issue #182: Payment channel congestion via spam-attack, May 2017.

  9. Fiedler, M.: Laplacian of graphs and algebraic connectivity. Banach Center Publ. 25(1), 57–70 (1989)

    CrossRef  MathSciNet  Google Scholar 

  10. Girvan, M., Newman, M.E.: Community structure in social and biological networks. Proc. Natl. Acad. Sci. 99(12), 7821–7826 (2002)

    CrossRef  MathSciNet  Google Scholar 

  11. Green, M., Miers, I.: Bolt: Anonymous payment channels for decentralized currencies. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 473–489. ACM, Dallas (2017)

    Google Scholar 

  12. Gudgeon, L., Moreno-Sanchez, P., Roos, S., McCorry, P., Gervais, A.: Sok: Off the chain transactions. IACR Cryptology ePrint Archive 2019, p. 360 (2019)

    Google Scholar 

  13. Heilman, E., Alshenibr, L., Baldimtsi, F., Scafuro, A., Goldberg, S.: Tumblebit: an untrusted bitcoin-compatible anonymous payment hub. In: Network and Distributed System Security Symposium, NDSS (2017)

    Google Scholar 

  14. Herrera-Joancomarti, J., Navarro-Arribas, G., Pedrosa, A.R., Cristina, P.S., Garcia-Alfaro, J.: On the difficulty of hiding the balance of lightning network channels. Ph.D. thesis, Dépt. Réseaux et Service de Télécom (Institut Mines-Télécom-Télécom SudParis \(\ldots \) (2019)

    Google Scholar 

  15. Kernighan, B.W., Lin, S.: An efficient heuristic procedure for partitioning graphs. Bell Syst. Tech. J. 49(2), 291–307 (1970)

    CrossRef  Google Scholar 

  16. Lee, S., Kim, H.: On the robustness of lightning network in bitcoin. Pervasive Mob. Comput. 61, 101108 (2020)

    CrossRef  Google Scholar 

  17. LNBIG: Lnbig lightning nodes (2018–2019).

  18. LND: The lightning network daemon (2020).

  19. Malavolta, G., Moreno-Sanchez, P., Kate, A., Maffei, M., Ravi, S.: Concurrency and privacy with payment-channel networks. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 455–471. ACM, New York (2017)

    Google Scholar 

  20. McCorry, P., Bakshi, S., Bentov, I., Meiklejohn, S., Miller, A.: Pisa: arbitration outsourcing for state channels. In: Proceedings of the 1st ACM Conference on Advances in Financial Technologies, pp. 16–30. AFT, Zurich (2019)

    Google Scholar 

  21. McCorry, P., Möser, M., Shahandasti, S.F., Hao, F.: Towards Bitcoin payment networks. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016, Part I. LNCS, vol. 9722, pp. 57–76. Springer, Cham (2016).

    CrossRef  Google Scholar 

  22. Miller, A., Bentov, I., Bakshi, S., Kumaresan, R., McCorry, P.: Sprites and state channels: payment networks that go faster than lightning. In: Goldberg, I., Moore, T. (eds.) FC 2019. LNCS, vol. 11598, pp. 508–526. Springer, Cham (2019).

    CrossRef  Google Scholar 

  23. Mizrahi, A., Zohar, A.: Congestion attacks in payment channel networks. arXiv preprint arXiv:2002.06564 (2020)

  24. Network, R.: Setting the number of pending transfers keeping the gas limit, July 2018.

  25. Network, T.R.: An off-chain scaling solution (2020),

  26. Pérez-Solà, C., Ranchal-Pedrosa, A., Herrera-Joancomartí, J., Navarro-Arribas, G., Garcia-Alfaro, J.: LockDown: balance availability attack against lightning network channels. In: Bonneau, J., Heninger, N. (eds.) FC 2020. LNCS, vol. 12059, pp. 245–263. Springer, Cham (2020).

    CrossRef  Google Scholar 

  27. Poon, J., Dryja, T.: The Bitcoin lightning network: Scalable off-chain instant payments (2016)

    Google Scholar 

  28. (Roasbeef), O.O.: Git Commit: “lnd: lower default CLTV delta from 144 to 40”. (Mar 2019)

  29. Rohrer, E.: Lightning network snapshots (2018–2019).

  30. Rohrer, E., Malliaris, J., Tschorsch, F.: Discharged payment channels: Quantifying the lightning network’s resilience to topology-based attacks. arXiv preprint arXiv:1904.10253 (2019)

  31. Russell, R.: Loop attack with onion routing, August 2015. [Lightning-dev]

  32. Seres, I.A., Gulyás, L., Nagy, D.A., Burcsi, P.: Topological analysis of bitcoin’s lightning network. arXiv preprint arXiv:1901.04972 (2019)

  33. Specifications, L.N.: Basis of lightning technology (BOLTs) (2020).

  34. Tang, W., Wang, W., Fanti, G., Oh, S.: Privacy-utility tradeoffs in routing cryptocurrency over payment channel networks. arXiv preprint arXiv:1909.02717 (2019)

  35. Tikhomirov, S., Moreno-Sanchez, P., Maffei, M.: A quantitative analysis of security, anonymity and scalability for the lightning network. IACR Cryptol. ePrint Arch. 2020, p. 303 (2020)

    Google Scholar 

  36. Tochner, S., Schmid, S., Zohar, A.: Hijacking routes in payment channel networks: A predictability tradeoff. arXiv preprint arXiv:1909.06890 (2019)

  37. Trustnodes: Lightning network ddos sends 20% of nodes down (2018).

Download references


We thank Itay Cohen, Nir Lavee and Zvi Yishai for providing improvements in our network partitioning algorithms and analysis.

This research was supported by the Israel Science Foundation (grant 1504/17) and by a grant from the HUJI Cyber Security Research Center in conjunction with the Israel National Cyber Bureau.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Ayelet Mizrahi .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 International Financial Cryptography Association

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Mizrahi, A., Zohar, A. (2021). Congestion Attacks in Payment Channel Networks. In: Borisov, N., Diaz, C. (eds) Financial Cryptography and Data Security. FC 2021. Lecture Notes in Computer Science(), vol 12675. Springer, Berlin, Heidelberg.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-64330-3

  • Online ISBN: 978-3-662-64331-0

  • eBook Packages: Computer ScienceComputer Science (R0)