The LND is currently the most popular routing algorithm used in the Lightning Network, the second layer solution to Bitcoin’s scalability. Despite its popularity, recent studies demonstrate that its deterministic nature compromises the anonymity of the Lightning Network. In other words, threatening parties present in the transaction path can guess the sending and receiving parties of transactions easier than in the absence of such strong determinism. As a solution, we propose augmenting the LND with a length bounded random walk insertion to include randomness into the transaction path and regain anonymity. Most importantly, we found that for generated network simulations and the snapshot network, including the random walk into the transaction path improves anonymity. In simulations with LND routing, attackers could identify senders or
receivers for 70% of transactions. For simulations of networks with 100 nodes and an average of 2 edges per node with the weighted random walk insertion, attackers could identify senders or receivers around 65% of the time. However, for simulations of networks with 500 nodes and an average of 10 edges per node with the weighted random walk insertion, attackers could never identify senders or receivers. Besides, for the snapshot simulation, they could only identify either in around 4% of transactions. Thus, we overall believe that the random walk insertion into the LND algorithm addresses the anonymity issue of the unmodified algorithm. ... Read more

The Bitcoin Lightning Network is a layer-two solution that promises instant payments, scalability, and low transaction fees on top of the Bitcoin blockchain. In case there is no direct channel between the sender and receiver, the routing algorithm uses source routing and a shortest path algorithm to determine the hops in a transaction. However, the lack of randomness in the routing decision allows an attacker to de-anonymize either sender or receiver, if they happen to be one of the nodes in the transmission path. The guarantees offered by the onion routing style algorithm are not enough to ensure anonymity when little to no randomness is used when choosing the path. Here we show how it is possible to modify the path finding algorithm keeping backward compatibility. It increases anonymity between the sender and receiver adding random hops to the already computed shortest path. Anonymity and efficiency metrics are then analysed with respect to an adversary that is aware of the full protocol implementation. Furthermore, assuming a protocol-aware adversary, an attack is designed, and it is concluded to be successful at most 53\% of the time and singularly de-anonymizing both parties in 1\% of the cases. The average number of hop counts increases by approximately two and the average fee paid by the sender increases by 4.77 times. Our results suggest a possible increase in the anonymity offered without a significant impact on the complexity of the lightning protocol implementation. However, transaction fees and payment success ratio should be analyzed further, especially for low-value transactions. ... Read more

The Lightning Network (LN) is a second-layer solution built on top of the Bitcoin protocol, allowing faster and cheaper transactions without compromising on decentralization. LN is also designed to be more anonymous, since less information has to be shared with the entire network. This should, in theory, improve privacy as well. However, recent works have shown that this is not quite true: due to the deterministic nature of contemporary routing protocols, an adversarial node on a payment path is able to uniquely identify at least one sender or recipient for about 70% of observed transactions. To combat this breach of anonymity, we propose a new routing algorithm that makes use of multiple path segments. By splitting the routing problem into multiple routing sub-problems and forming the final route by joining these sub-routes together, we introduce a degree of randomness which nullifies this kind of adversarial attack. Even when designing a counterattack, we still get a substantial improvement in anonymity, roughly tripling the number of source/destination pairs per attack. However, the protocol is also very costly, doubling the average fee and increasing the average hop count by more than 60%. This shows that the proposed protocol is not strictly superior to the current implementation, meaning that other (less drastic) protocol proposals are likely to give better cost/anonymity trade-offs. ... Read more

The Lightning Network is a second layer payment protocol built on top of Bitcoin, which is scalable and has reduced transaction fees. It does so by eliminating the need to broadcast every transaction to the whole network. When one user wants to send a payment to another, the routing protocol generates a path between them that is always fast and cost efficient. The low degree of randomness in the existing routing protocols during path selection allows an adversary to compromise the anonymity of the sender and recipient.
In this work, we propose a new routing algorithm that is less predictable when creating a transaction path. We show that this increases the anonymity of the users of the Lightning Network by creating an attack on the new routing protocol. The attacker tries to identify the potential source and recipient of a transaction. Our results suggest that there is a trade-off between the offered anonymity and transaction fees; it is not possible to get higher anonymity at no cost by designing a non-deterministic routing algorithm. ... Read more

The Lightning Network aims to solve Bitcoin's scalability problem by providing a way to transact with minimal use of the blockchain. Instead, payments are routed over payment channel networks. This routing is done by LN clients, which use cost functions to compute the optimal transaction path. With the use of onion routing, LN tries to hide the identity of transaction participants from each other. However, the cost functions of these routing protocols are currently too deterministic, making it possible for curious transaction participants to comprise the identity of sender and receiver by computing the optimal path themselves.
Here we show that we can increase the anonymity of this network by adding randomness to these routing algorithms. More specifically, during path computation we will randomly deviate from the optimal path by hopping to a random node and continue by computing a new optimal path from there. The unpredictability of this process improves the anonymity of the network, such that malicious nodes can identify the sender and recipient of transactions with negligible probability in most cases. ... Read more