Strategic Analysis of Griefing Attack in Lightning Network

Hashed Timelock Contract (HTLC) in Lightning Network is susceptible to a griefing attack. An attacker can block several channels and stall payments by mounting this attack. A state-of-the-art countermeasure, Hashed Timelock Contract with Griefing-Penalty (HTLC-GP) is found to work under the classical assumption of participants being either honest or malicious but fails for rational participants. To address the gap, we introduce a game-theoretic model for analyzing griefing attacks in HTLC. We use this model to analyze griefing attacks in HTLC-GP and conjecture that it is impossible to design an efficient protocol that will penalize a malicious participant with the current Bitcoin scripting system. We study the impact of the penalty on the cost of mounting the attack and observe that HTLC-GP is weakly effective in disincentivizing the attacker in certain conditions. To further increase the cost of attack, we introduce the concept of \emph{guaranteed minimum compensation}, denoted as $\zeta$, and modify HTLC-GP into $\textrm{HTLC-GP}^{\zeta}$. By experimenting on several instances of Lightning Network, we observe that the total coins locked in the network drops to $28\%$ for $\textrm{HTLC-GP}^{\zeta}$, unlike in HTLC-GP where total coins locked does not drop below $40\%$. These results justify that $\textrm{HTLC-GP}^{\zeta}$ is better than HTLC-GP to counter griefing attacks.