Bitcoin‘s lightning network may be just starting to send transactions over the blockchain, but already its developers are looking to rearchitect the technology.
That’s because, while touted as a way to significantly boost bitcoin’s capacity, the network itself does require users to store a significant amount of data, which makes it difficult to download and run. As such, several lightning developers – Lightning Labs co-founder ‘Laolu’ Osuntokun and Blockstream’s Christian Decker and Rusty Russell – have published a new proposal which imagines an alternative, “simplified” way of making off-chain transactions called eltoo.
But the new proposal isn’t only about condensing the amount of data users need to store, it’s also about keeping users’ cryptocurrency safe.
For instance, all this data poses another problem in that if users accidentally broadcast older data, they might lose money. As such, this data has been coined “toxic information.”
Eltoo, on the other hand, only stores the most recent off-chain transaction data, solving the well-known “information asymmetry” problem – that is if something happens to the device you’re running your lightning app on – say your smartphone – you might lose access to the whole history of data.
“With eltoo, we reduce the risk of funds being swept away. We remove this toxic information,” said Decker, who noted that the proposal’s name is a joke of sorts – the phonetic spelling of “L2,” which stands for layer-two, what many people call technology like lightning that pushes transactions off-chain.
And this is something Decker is very interested in since he’s experienced the problem personally.
“This actually happened to me,” he said, adding:
“I had an old lightning node on my laptop. I restored it. I didn’t know I didn’t have the newest state. The guy closed the connection because they knew it was an old state! Because he could steal it. Which he did, by the way.”
All about revoking
Developers have long been trying to come up with a way for users to make a bunch of transactions using bitcoin, without bloating the blockchain with unnecessary data.
That’s really what most of the scaling debates are all about.
But the first attempt to do this was way at the beginning of bitcoin’s history when off-chain transaction capabilities were experimented with using so-called “sequence numbers” to keep track of which off-chain transaction is the most recent.
The idea was simple – if Alice has $10 and sends a $1 transaction to Bob, obviously her balance dwindles to $9.00. This then gets a sequence number “1.” If later, she sends Bob $4, her balance is now $5, and this most recent transaction gets a sequence number “2.”
But according to Decker, the mechanism “didn’t work out,” because miners didn’t have any reason to enforce the rules and replace old transactions with the more recent ones.
Miners could just broadcast the one transaction where Alice’s balance drops to $9 (even though she had made another transaction that dropped her balance to $5). While it’s unclear why a miner might want or decide to not revoke a transaction for another one, they could decide to do so since there was no enforceability.
In this way, revoking old transactions in crucial otherwise Bob might not get the second transaction and Alice could run away with the money.
This “lack of enforceability” is a problem that wasn’t solved until 2015.
And the lightning network is the best-known solution to this problem so far. Today, revoking old state is accomplished with the “L2-penalty” model – whereby a lightning wallet or node stores all of these intermediary states, then, if someone tries to broadcast an earlier, now-invalid state, this is detected and the cheating user is punished by losing money.
Eltoo and L2
But, three years on, the researchers are, in fact, going back to the idea of using sequence numbers to revoke old transactions.
Unlike bitcoin’s old code, which didn’t have an enforcement mechanism for these sequences, eltoo adds a procedure that makes every state update prescribed. Every state update – Alice sending Bob money, for instance – is composed of two transactions, each of which both parties store and which totally replace the prior update transaction.
“Only the last settlement transaction can ever be confirmed on the blockchain,” the introductory blog post explains…