General Congestion Attack on HTLC-Based Payment Channel Networks

Authors Zhichun Lu, Runchao Han, Jiangshan Yu

Thumbnail PDF


  • Filesize: 1.19 MB
  • 15 pages

Document Identifiers

Author Details

Zhichun Lu
  • Cryptape, Hangzhou, China
Runchao Han
  • Monash University, Melbourne, Australia
  • CSIRO-Data61, Melbourne, Australia
Jiangshan Yu
  • Monash University, Melbourne, Australia

Cite AsGet BibTex

Zhichun Lu, Runchao Han, and Jiangshan Yu. General Congestion Attack on HTLC-Based Payment Channel Networks. In 3rd International Conference on Blockchain Economics, Security and Protocols (Tokenomics 2021). Open Access Series in Informatics (OASIcs), Volume 97, pp. 2:1-2:15, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)


Payment Channel Networks (PCNs) have been a promising approach to scale blockchains. However, PCNs have limited liquidity: large-amount or multi-hop payments may fail. The major threat of PCNs liquidity is payment griefing, where the adversary who acts as the payee keeps withholding the payment, so that coins involved in the payment cannot be used for routing other payments before the payment expires. Payment griefing gives adversaries a chance to launch the congestion attack, where the adversary griefs a large number of payments and paralyses the entire PCN. Understanding congestion attacks, including their strategies and impact, is crucial for designing PCNs with better liquidity guarantees. However, existing research has only focused on the specific attacking strategies and specific aspects of their impact on PCNs. We fill this gap by studying the general congestion attack. Compared to existing attack strategies, in our framework each step serves an orthogonal purpose and is customisable, allowing the adversary to focus on different aspects of the liquidity. To evaluate the attack’s impact, we propose a generic method of quantifying PCNs' liquidity and effectiveness of the congestion attacks. We evaluate our general congestion attacks on Bitcoin’s Lightning Network, and show that with direct channels to 1.5% richest nodes, and ∼ 0.0096 BTC of cost, the adversary can launch a congestion attack that locks 47% (∼280 BTC) coins in the network; reduces success rate of payments by 16.0%∼60.0%; increases fee of payments by 4.5%∼16.0%; increases average attempts of payments by 42.0%∼115.3%; and increase the number of bankruptcy nodes (i.e., nodes with insufficient balance for making normal-size payments) by 26.6%∼109.4%, where the amounts of payments range from 0.001 to 0.019 BTC.

Subject Classification

ACM Subject Classification
  • Security and privacy → Distributed systems security
  • Blockchain
  • PCN
  • Congestion


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. BitInfoCharts., 2020. [Online; accessed 20-September-2020].
  2. Bitrefill., 2020. [Online; accessed 20-September-2020].
  3. Ferenc Béres, Istvan Andras Seres, and András A Benczúr. A cryptoeconomic traffic analysis of bitcoins lightning network. arXiv preprint, 2019. URL:
  4. Pranav Dandekar, Ashish Goel, Ramesh Govindan, and Ian Post. Liquidity in credit networks: A little trust goes a long way. In Proceedings of the 12th ACM conference on Electronic commerce, pages 147-156, 2011. Google Scholar
  5. George Danezis and Ian Goldberg. Sphinx: A compact and provably secure mix format. In 2009 30th IEEE Symposium on Security and Privacy, pages 269-282. IEEE, 2009. Google Scholar
  6. Edsger W Dijkstra. A note on two problems in connexion with graphs. Numerische mathematik, 1(1):269-271, 1959. Google Scholar
  7. EmelyanenkoK. Payment channel congestion via spam-attack. Github, 2017.
  8. Lester Randolph Ford and Delbert R Fulkerson. Maximal flow through a network. Canadian journal of Mathematics, 8:399-404, 1956. Google Scholar
  9. Jordi Herrera-Joancomartí, Guillermo Navarro-Arribas, Alejandro Ranchal-Pedrosa, Cristina Pérez-Solà, and Joaquin Garcia-Alfaro. On the difficulty of hiding the balance of lightning network channels. In Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pages 602-612, 2019. Google Scholar
  10. Clemens Hoffmann. Algorithms and complexity for centrality improvement in networks, 2017. Google Scholar
  11. Akash Khosla, Evan Schwartz, and Adrian Hope-Bailie. Interledger rfcs, 0018 draft 3, connector risk mitigations., Github, 2019.
  12. Dexter C Kozen. Depth-first and breadth-first search. In The design and analysis of algorithms, pages 19-24. Springer, 1992. Google Scholar
  13. Zhichun Lu, Runchao Han, and Jiangshan Yu. General congestion attack on htlc-based payment channel networks. Cryptology ePrint Archive, 2020. Google Scholar
  14. Ayelet Mizrahi and Aviv Zohar. Congestion attacks in payment channel networks. arXiv preprint, 2020. URL:
  15. Olaoluwa Osuntokun, Conner Fromknecht, Wilmer Paulino, Oliver Gugger, and Johan Halseth. Lightning pool: A non-custodial channel lease marketplace, 2020. Google Scholar
  16. Cristina Pérez-Sola, Alejandro Ranchal-Pedrosa, J Herrera-Joancomartí, Guillermo Navarro-Arribas, and Joaquin Garcia-Alfaro. Lockdown: Balance availability attack against lightning network channels, 2019. Google Scholar
  17. Joseph Poon and Thaddeus Dryja. The bitcoin lightning network: Scalable off-chain instant payments, 2016. Google Scholar
  18. Geoffrey Ramseyer, Ashish Goel, and David Mazières. Liquidity in credit networks with constrained agents. In Proceedings of The Web Conference 2020, pages 2099-2108, 2020. Google Scholar
  19. Daniel Robinson. Htlcs considered harmful. In Stanford Blockchain Conference, 2019. Google Scholar
  20. Elias Rohrer, Julian Malliaris, and Florian Tschorsch. Discharged payment channels: Quantifying the lightning network’s resilience to topology-based attacks. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 347-356. IEEE, 2019. Google Scholar
  21. Vibhaalakshmi Sivaraman, Weizhao Tang, Shaileshh Bojja Venkatakrishnan, Giulia Fanti, and Mohammad Alizadeh. The effect of network topology on credit network throughput. arXiv preprint, 2021. URL:
  22. Sergei Tikhomirov, Pedro Moreno-Sanchez, and Matteo Maffei. A quantitative analysis of security, anonymity and scalability for the lightning network. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 387-396. IEEE, 2020. Google Scholar
  23. Saar Tochner, Aviv Zohar, and Stefan Schmid. Route hijacking and dos in off-chain networks. In Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, pages 228-240, 2020. Google Scholar