Scaling bitcoin with second-layer solutions that remain decentralised and offer peer-to-peer transactions is not an easy solve. Every solution comes with trade-offs and possible attack vectors or exploits for malicious actors to not only attack users and their funds but harm the integrity of the network.
When you use bitcoin on the Lightning network in a non-custodial fashion, you’re broadcasting a base-chain transaction to the network and locking up those funds in a hashed time lock contract. This contract is recognised by the Lightning network as funds that cannot be moved on the base layer but can now be released on the second layer.
Now that your funds are available on the second layer, you will need to use your Lightning node to create channels with other users of the Lightning network. Once you create a channel, you’ll be able to route payments either directly to that user or use them as a hop that transfers funds via that user to another payment destination.
Creating channels means you’re effectively partnering with another Lightning network user to leverage each other’s funds to route payments. Now you could use Lightning and set up private channels and pay certain users directly, or you can leverage public channels, but you should always consider the type of user you’re partnering with within a channel.
Lightning node reputations
Do they have a reputation, or could they be a bad actor?
The reason why trust and reputation become a factor in the Lightning network is that you don’t want to have to spend money broadcasting to close channels unnecessarily because you connected with someone who wanted to rug pull your funds.
You want to establish channels that provide value to yourself and the network to ensure you can always route payments at the lowest rates or earn fees via the channels you create. Connecting to low-quality channels means you’re locking up liquidity to either earn very little or possibly lose your funds.
Channel markets like Amboss are looking at ways of building out a reputation for Lightning node runners, but that doesn’t give you much protection should you fall into an issue with a channel partner; for this, you’d need something more robust.
A way to punish bad actors on the network and make it unprofitable to try and cheat, and this is where penalty transactions come into play.
Background on Lightning channels
The Lightning Network uses fully signed bitcoin transactions to transfer bitcoin between parties. These transactions are not normally broadcast and added to the bitcoin blockchain. However, since they are valid transactions, any of them can be broadcast to the blockchain at any time. This would close the Lightning channel and invalidate any Lightning transactions that occurred after that time.
This mechanism can be exploited to allow double spending over Lightning by malicious actors. To discourage this bad behaviour, penalty transactions allow users to reclaim their funds.
What is a penalty transaction?
A penalty transaction allows one party in a Lightning channel to reclaim funds stolen during the dishonest closing of a Lightning channel. To send a Lightning channel payment, the sender signs a Bitcoin transaction called a commitment transaction which rebalances the channel.
Putting penalties in place for bad actors
To fix this problem, commitment transactions are set up such that even after an old commitment transaction has been confirmed on the blockchain. If someone can produce a newer, valid commitment transaction from the same channel. This transaction can reclaim the stolen funds and additionally claim all of the funds from the thief’s side of the channel.
An example of when a penalty transaction would be viable
Let’s consider Alice and Bob, two individuals with an open Lightning channel, in which they each control 0.5 BTC or 50 million satoshis. Both parties currently hold a commitment transaction that allots them 0.5 BTC.
Alice then sends Bob 0.30 BTC over Lightning, leaving her with 0.20 BTC while Bob has 0.80 BTC.
A new commitment transaction reflects this new balance on the Lightning network. However, Alice can now take the old commitment transaction and publish it to the blockchain. Each party would receive 0.50 BTC, effectively reversing the 0.3 BTC transaction Alice sent to Bob on the Lightning network and replacing it with the new on-chain transaction.
Adding in preventative measures
To prevent these sorts of attacks or rather discourage malicious actors from attempting them, the Lightning protocol enables a user who has had their funds stolen a chance to recover them. The user would publish the newer commitment transaction within a certain period and take not just the amount of bitcoin owed, as in the example above.
It would the 0.5 BTC that is owed.
But the party can also claim the full 1 BTC from the channel.
Bob would take Alice’s’ entire stake in the channel as a punishment for Alice’s’ attempt to double-spend that bitcoin.
Recommended reading
If you’re’ keen to learn more about penalty transactions in detail, we recommend checking out the following resources.
Are you a bitcoin and lightning fan?
Have you been using Lightning to make micro-payments? Stream sats or engage with apps? Which app is your favourite? Have you tried all the forms of Lightning payments? Which one do you prefer? Let us know in the comments down below.