Abstract
Smart contracts are self-executing agreements written in program code and are envisioned to be one of the main applications of blockchain technology. While they are supported by prominent cryptocurrencies such as Ethereum, their further adoption is hindered by fundamental scalability challenges. For instance, in Ethereum contract execution suffers from a latency of more than 15 s, and the total number of contracts that can be executed per second is very limited. State channel networks are one of the core primitives aiming to address these challenges. They form a second layer over the slow and expensive blockchain, thereby enabling instantaneous contract processing at negligible costs.
In this work we present the first complete description of a state channel network that exhibits the following key features. First, it supports virtual multi-party state channels, i.e. state channels that can be created and closed without blockchain interaction and that allow contracts with any number of parties. Second, the worst case time complexity of our protocol is constant for arbitrary complex channels. This is in contrast to the existing virtual state channel construction that has worst case time complexity linear in the number of involved parties. In addition to our new construction, we provide a comprehensive model for the modular design and security analysis of our construction.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The startup L4 and their project Counterfactual [7] use a different terminology: virtual channels are called “meta channels”, but the concepts are the same.
- 2.
In Ethereum typically \(\varDelta \) equal to 6 min is assumed to be safe.
- 3.
Technically, this is done by one of the parties, \(\mathsf {Alice}\), say, calling a constructor function, and then \(\mathsf {Bob}\) calling another function to confirm that he agrees to deploy this contract instance. To keep our description simple, we omit these details here.
- 4.
Notice that \(\mathtt {SCC}\) is oblivious to what happened inside the ledger state channel \(\gamma \) after it was created.
- 5.
In the example that we considered, \(\mathsf {Bob}\) can now force \(\mathsf {Alice}\) bear the consequences that he revealed x to the contract instance.
- 6.
While it is sufficient that only one intermediary is malicious, it has to be the intermediary that was involved in the last step of the recursion, i.e., in the example from above: party \(P_{n/2}\).
- 7.
To keep things simple we do not allow the recursion to build virtual channels on top on n-party channels for \(n>2\). We leave describing this extension as a possible future research direction.
- 8.
In case one party behaves maliciously, an agreement is reached via the state registration process.
- 9.
In practice, this information would be used to derive fees charged by the intermediary for its service.
- 10.
Recall from Sect. 2 that disagreements in channels with indirect dispute might require interaction with the blockchain as well. However this happen only in the worst case when all parties are corrupt.
- 11.
The value of \(\tau \) can be set by the adversary as long as it is smaller than some upper bound T which is of order \(O(\gamma .{\mathsf {length}}\cdot \varDelta )\).
- 12.
In case at least one user is corrupt, the value of \(\tau \) can be set by the adversary as long as it is smaller that some upper bound T which is of order \(O(\gamma .{\mathsf {length}}\cdot \varDelta )\).
- 13.
Let us emphasize that this design choice does not necessarily lead to a fair coin distribution. For example, when users of the multi-party channel play a game and one of the users is “about to win” all the coins when round \(\gamma .\mathsf {validity}\) comes. Hence, honest parties should always agree on new contract instances only if they can enforce contract termination before time \(\gamma .\mathsf {validity}\) or if they are willing to take this risk.
- 14.
For simplicity, we describe here how \(\mathcal {F}_{ DB }\) handles a dispute about a two-party contract. \(\mathcal {F}_{ DB }\) handles disputes about multi-party contracts in a similar fashion.
- 15.
For the sake of correctness, in this section we include details about contract sets that each channel is supposed to handle. In order to understand our modular approach, their relations can be ignored. The reader can just assume that each subchannel can handle all contracts required for building all the longer channels.
- 16.
Adding the dispute board to any functionality again works by wrapping functionality \(\mathcal {F}_x\) and \(\mathcal {F}_{ DB }\) within a wrapper \(\mathcal {W}_{x}\).
- 17.
This statement assumes that the only contract instances that can be opened in the multi-party channel are the ones whose code allows any user to enforce termination before time \(\gamma .\mathsf {validity}\).
- 18.
We assume a fixed ordering on peaceful execution requests.
References
Allison, I.: Ethereum’s Vitalik Buterin explains how state channels address privacy and scalability (2016)
Bitcoin Wiki: Payment Channels (2018). https://en.bitcoin.it/wiki/Payment_channels
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS (2001)
Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61–85. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_4
Celer Network (2018). https://www.celer.network
Close, T.: Nitro protocol. Cryptology ePrint Archive, Report 2019/219 (2019). https://eprint.iacr.org/2019/219
Counterfactual (2018). https://counterfactual.com
Decker, C., Wattenhofer, R.: A fast and scalable payment network with bitcoin duplex micropayment channels. In: Pelc, A., Schwarzmann, A.A. (eds.) SSS 2015. LNCS, vol. 9212, pp. 3–18. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21741-3_1
Dolev, D., Strong, H.R.: Authenticated algorithms for Byzantine agreement. SIAM J. Comput. 12(4), 656–666 (1983)
Dziembowski, S., et al.: General state channel networks. In: ACM CCS 2018 (2018)
Dziembowski, S., et al.: Multi-party virtual state channels. Cryptology ePrint Archive (2019). https://eprint.iacr.org/2019
Dziembowski, S., et al.: Perun: virtual payment hubs over cryptographic currencies. In: Conference Version Accepted to the 40th IEEE Symposium on Security and Privacy (IEEE S&P) 2019 (2017)
Garay, J.A., et al.: Round complexity of authenticated broadcast with a dishonest majority. In: 48th FOCS (2007)
Katz, J., Lindell, Y.: Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series) (2007)
Khalil, R., Gervais, A.: NOCUST - a non-custodial 2nd-layer financial intermediary. Cryptology ePrint Archive, Report 2018/642 (2018). https://eprint.iacr.org/2018/642
Khalil, R., Gervais, A.: Revive: rebalancing off-blockchain payment networks. In: ACM CCS 2017 (2017)
Lind, J., et al.: Teechain: reducing storage costs on the blockchain with offline payment channels. In: Proceedings of the 11th ACM International Systems and Storage Conference, SYSTOR 2018 (2018)
Malavolta, G., et al.: Concurrency and privacy with payment-channel networks. In: ACM CCS 2017 (2017)
McCorry, P., et al.: Pisa: arbitration outsourcing for state channels. Cryptology ePrint Archive, Report 2018/582 (2018). https://eprint.iacr.org/2018/582
McCorry, P., et al.: You sank my battleship! A case study to evaluate state channels as a scaling solution for cryptocurrencies (2018)
Miller, A., et al.: Sprites: payment channels that go faster than lightning. CoRR (2017)
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2009). http://bitcoin.org/bitcoin.pdf
Poon, J., Buterin, V.: Plasma: Scalable Autonomous Smart Contracts (2017)
Poon, J., Dryja, T.: The bitcoin lightning network: scalable off-chain instant payments. Draft version 0.5.9.2 (2016). https://lightning.network/lightning-network-paper.pdf
Roos, S., et al.: Settling payments fast and private: efficient decentralized routing for path-based transactions. In: NDSS (2018)
Szabo, N.: Smart contracts: building blocks for digital markets. Extropy Mag. (1996)
Acknowledgments
This work was partly supported by the German Research Foundation (DFG) Emmy Noether Program FA 1320/1-1, the DFG CRC 1119 CROSSING (project S7), the Ethereum Foundation grant Off-chain labs: formal models, constructions and proofs, the Foundation for Polish Science (FNP) grant TEAM/2016-1/4, the German Federal Ministry of Education and Research (BMBF) iBlockchain project, by the Hessen State Ministry for Higher Education, Research and the Arts (HMWK) and the BMBF within CRISP, and by the Polish National Science Centre (NCN) grant 2014/13/B/ST6/03540, Polish NCBiR Prokrym project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 International Association for Cryptologic Research
About this paper
Cite this paper
Dziembowski, S., Eckey, L., Faust, S., Hesse, J., Hostáková, K. (2019). Multi-party Virtual State Channels. In: Ishai, Y., Rijmen, V. (eds) Advances in Cryptology – EUROCRYPT 2019. EUROCRYPT 2019. Lecture Notes in Computer Science(), vol 11476. Springer, Cham. https://doi.org/10.1007/978-3-030-17653-2_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-17653-2_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-17652-5
Online ISBN: 978-3-030-17653-2
eBook Packages: Computer ScienceComputer Science (R0)
