pith. sign in

arxiv: 2605.20952 · v1 · pith:E5Q4JRRUnew · submitted 2026-05-20 · 💻 cs.DC · cs.CR

Ark: Offchain Transaction Batching in Bitcoin

Pim Keer , Matteo Maffei , Marco Argentieri , Andrew Camilleri , Zeta Avarikioti This is my paper

Pith reviewed 2026-05-21 02:16 UTC · model grok-4.3

classification 💻 cs.DC cs.CR
keywords Bitcoincommit-chainoffchain transactionsvirtual UTXOslayer-2 scalabilityuntrusted operatorbatch commitments
0
0 comments X

The pith

Ark batches offchain Bitcoin transactions of virtual UTXOs into constant-sized onchain commitments via an untrusted operator.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper presents Ark as a commit-chain for Bitcoin that moves payments offchain using virtual UTXOs. An untrusted operator aggregates these transactions into succinct onchain commitments. Users can receive offchain payments without locking funds onchain beforehand. State updates require only the users involved in the update. The authors formally prove security and show experimentally that arbitrary batch sizes fit in a constant onchain footprint of roughly 200 vB.

Core claim

Ark is the first Bitcoin-compatible commit-chain where an untrusted operator aggregates transactions of virtual UTXOs into succinct onchain commitments, enabling offchain payments with the property that users receive without prior fund locking and that state updates involve only the participating users.

What carries the argument

Virtual UTXOs (VTXOs) aggregated by an untrusted operator into a succinct onchain commitment that supports cooperative and unilateral exits.

If this is right

  • Arbitrary numbers of VTXOs commit onchain with a fixed footprint of approximately 200 vB.
  • Cooperative exits add one output per user to the onchain transaction.
  • Unilateral exits require O(log n) transactions of roughly 150 vB each for a batch of n VTXOs.
  • The protocol supports non-custodial operation without requiring all participants to update state.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The model reduces setup friction relative to systems that mandate upfront onchain locks for every participant.
  • Constant-size commitments could lower per-transaction fees during periods of high network demand.
  • The design might combine with other Bitcoin scaling approaches to create layered payment networks.

Load-bearing premise

The formal security proof covers all realistic attack vectors under Bitcoin consensus and scripting, including operator misbehavior countered by user exit paths.

What would settle it

An experiment showing either that commitment size grows with batch size or that funds can be stolen without users detecting and exiting would disprove the claims.

Figures

Figures reproduced from arXiv: 2605.20952 by Andrew Camilleri, Marco Argentieri, Matteo Maffei, Pim Keer, Zeta Avarikioti.

Figure 1
Figure 1. Figure 1: An example Ark protocol flow (solid boxes appear onchain, dashed boxes optimistically never appear onchain). Alice [PITH_FULL_IMAGE:figures/full_fig_p005_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Transaction dependencies within the Ark protocol. UTXOs are represented by small rectangles enclosing a label, [PITH_FULL_IMAGE:figures/full_fig_p007_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Alice sends funds to Bob via an Ark transaction. [PITH_FULL_IMAGE:figures/full_fig_p008_3.png] view at source ↗
read the original abstract

Bitcoin is the cryptocurrency with the largest market capitalisation, but its widespread adoption is fundamentally limited by the scalability constraints of its consensus algorithm, which requires every transaction to be confirmed onchain. To address this, several Layer-2 scalability solutions have been proposed to move payments offchain -- most notably, the Lightning Network. However, their deployment remains hindered by cumbersome setup requirements: users must lock funds onchain to participate and engage in complex auxiliary protocols (e.g., for channel rebalancing, top-ups, and routing). Other solutions, like payment pools, sidechains and rollups, cannot be implemented in a non-custodial way on Bitcoin due to its limited scripting capabilities, or require all protocol participants to update the offchain state. In this work, we present Ark, the first Bitcoin-compatible commit-chain. Ark enables offchain transactions of virtual UTXOs (VTXOs), through an untrusted operator who aggregates them into succinct onchain commitments. A distinctive feature of Ark is its ease of deployment: users can receive offchain payments without locking any funds beforehand and Ark state updates can be performed only requiring the users involved in that update. We formally define the Ark protocol and prove its security. During this process, we identified two attacks affecting the testnet implementation, which we responsibly disclosed and proposed fixes for, which have been now integrated into the mainnet implementation. Our experimental evaluation demonstrates that Ark can commit onchain to batches of arbitrarily many VTXOs with a constant-sized footprint of approximately 200 vB. Cooperative exits add one output per user, while unilateral exits require $\mathcal{O}(\log n)$ transactions of roughly 150 vB per VTXO for a batch of $n$ VTXOs.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper introduces Ark, the first Bitcoin-compatible commit-chain, enabling offchain transactions of virtual UTXOs (VTXOs) aggregated by an untrusted operator into succinct onchain commitments. Distinctive features include users receiving offchain payments without prior fund locking and state updates requiring only involved users. The authors formally define the protocol, prove its security, disclose and fix two testnet attacks, and report experimental results with constant ~200 vB onchain footprint for arbitrary batch sizes; cooperative exits add one output per user while unilateral exits use O(log n) ~150 vB transactions per VTXO.

Significance. If the security proof holds under Bitcoin's scripting model, Ark would be a significant contribution to Layer-2 scalability by offering a non-custodial, easily deployable alternative to protocols like Lightning that avoids complex setup and rebalancing. The formal definition and proof, combined with the experimental demonstration of constant-sized onchain commitments independent of batch size, represent clear strengths; the responsible disclosure of attacks further supports the work's rigor.

major comments (2)
  1. [Formal security proof] Formal security proof (abstract and protocol definition sections): the claim that users can detect and counter operator misbehavior via cooperative or unilateral exit paths is load-bearing for the central security result, yet it is unclear whether the proof explicitly models operator actions such as withholding exit data or publishing conflicting commitments that could invalidate the O(log n) unilateral exit scripts, particularly given Bitcoin's lack of covenants and the fact that two attacks were identified and fixed during testnet implementation.
  2. [Unilateral exit mechanism] Unilateral exit mechanism (experimental evaluation and protocol sections): the O(log n) exit path of ~150 vB per VTXO for batch size n relies on pre-signed or script-enforced claims against the succinct commitment, but without a concrete mapping to Bitcoin's consensus and scripting constraints (e.g., confirmation delays or output script enforcement), the security reduction does not fully address the skeptic concern about realistic attack vectors.
minor comments (2)
  1. [Abstract] The abstract introduces VTXOs without a brief parenthetical definition; adding one would aid readers new to the concept.
  2. [Experimental evaluation] Ensure the experimental batch-size results include a cross-reference to the commitment construction used in the security proof to avoid any appearance of circularity.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the positive assessment of Ark's significance as a Bitcoin-compatible commit-chain and for the detailed major comments on the formal security proof and unilateral exit mechanism. We address each point below with clarifications drawn from the manuscript, and we will revise the relevant sections to improve explicitness while preserving the original results and proofs.

read point-by-point responses

  1. Referee: Formal security proof (abstract and protocol definition sections): the claim that users can detect and counter operator misbehavior via cooperative or unilateral exit paths is load-bearing for the central security result, yet it is unclear whether the proof explicitly models operator actions such as withholding exit data or publishing conflicting commitments that could invalidate the O(log n) unilateral exit scripts, particularly given Bitcoin's lack of covenants and the fact that two attacks were identified and fixed during testnet implementation.

    Authors: We thank the referee for this observation. Section 4 of the manuscript formally models the operator as a fully malicious party in the security game, explicitly including actions such as withholding exit data, refusing to process updates, or publishing conflicting commitments. The security theorem (Theorem 1) proves that any such deviation is detectable and counterable by users via the cooperative exit (requiring only involved parties) or unilateral exit paths, which rely on pre-signed transactions and hash commitments rather than covenants. The two testnet attacks (related to exit script ordering and commitment invalidation) were identified during the proof process, responsibly disclosed, and the fixes were integrated into both the implementation and the formal model. To make this modeling more transparent, we will add a dedicated paragraph in the protocol definition section (Section 3) and an expanded proof sketch in Section 4 that walks through the withholding and conflicting-commitment cases. revision: yes

  2. Referee: Unilateral exit mechanism (experimental evaluation and protocol sections): the O(log n) exit path of ~150 vB per VTXO for batch size n relies on pre-signed or script-enforced claims against the succinct commitment, but without a concrete mapping to Bitcoin's consensus and scripting constraints (e.g., confirmation delays or output script enforcement), the security reduction does not fully address the skeptic concern about realistic attack vectors.

    Authors: We agree that a more explicit mapping strengthens the presentation. Section 3.4 describes the unilateral exit as a Merkle-tree path of O(log n) pre-signed transactions per VTXO, each verified against the on-chain commitment using standard Bitcoin scripts (OP_CHECKSIG, OP_HASH160, etc.) without requiring covenants. Confirmation delays are handled by a security parameter requiring k confirmations of the commitment transaction before the exit can be considered final; the security reduction in Section 4 accounts for realistic vectors such as operator publishing invalid data or attempting to race exits. The experimental results report the ~150 vB size and constant on-chain footprint. We will revise the experimental evaluation section to include a table mapping each exit script step to Bitcoin opcodes, confirmation requirements, and how these counter the listed attack vectors. revision: yes

Circularity Check

0 steps flagged

Ark protocol definition and security proof are self-contained with no circular reductions

full rationale

The paper formally defines the Ark commit-chain protocol from first principles against Bitcoin's existing consensus and scripting model, then proves security properties for VTXO offchain transactions, untrusted operator commitments, and cooperative/unilateral exit paths. These elements are specified directly in the protocol description without reducing to fitted parameters, self-referential predictions, or load-bearing self-citations that would make the central claims equivalent to their inputs by construction. The mention of discovering and fixing two testnet attacks reflects empirical validation rather than circularity, and the constant-sized onchain footprint and O(log n) exit costs follow from the succinct commitment design rather than renaming or smuggling prior ansatzes.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 1 invented entities

The design relies on Bitcoin's existing consensus and scripting constraints as background, plus the new VTXO abstraction and exit mechanisms whose security is proven in the paper.

axioms (1)
  • domain assumption Bitcoin's limited scripting capabilities prevent non-custodial implementations of payment pools, sidechains, and rollups without all participants updating state.
    Stated directly in the abstract as the reason other solutions are unsuitable.
invented entities (1)
  • virtual UTXOs (VTXOs) no independent evidence
    purpose: Represent offchain transaction state that can be batched by an untrusted operator into onchain commitments.
    Core new abstraction introduced to enable the commit-chain functionality.

pith-pipeline@v0.9.0 · 5857 in / 1394 out tokens · 43968 ms · 2026-05-21T02:16:20.197346+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

60 extracted references · 60 canonical work pages · 2 internal anchors

  1. [1]

    Lukas Aumayr, Zeta Avarikioti, Robin Linus, Matteo Maffei, Andrea Pelosi, Christos Stefo, and Alexei Zamyatin. 2024. BitVM: Quasi-Turing Complete Computation on Bitcoin.Cryptology ePrint Archive(2024)

    work page 2024

  2. [2]

    Lukas Aumayr, Zeta Avarikioti, Matteo Maffei, and Subhra Mazumdar. 2024. Securing Lightning Channels against Rational Miners. InProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security(Salt Lake City, UT, USA)(CCS ’24). Association for Computing Machinery, New York, NY, USA, 393–407. doi:10.1145/3658644.3670373

    work page doi:10.1145/3658644.3670373 2024

  3. [3]

    Lukas Aumayr, Zeta Avarikioti, Matteo Maffei, Giulia Scaffino, and Dionysis Zindros. 2024. Blink: An optimal proof of proof-of-work.Cryptology ePrint Archive(2024)

    work page 2024

  4. [4]

    Lukas Aumayr, Oguzhan Ersoy, Andreas Erwig, Sebastian Faust, Kristina Hostáková, Matteo Maffei, Pedro Moreno-Sanchez, and Siavash Riahi. 2021. Generalized channels from limited blockchain scripts and adaptor signatures. InInternational Conference on the Theory and Application of Cryptology and Information Security. Springer, 635–664

    work page 2021

  5. [5]

    Lukas Aumayr, Matteo Maffei, Oğuzhan Ersoy, Andreas Erwig, Sebastian Faust, Siavash Riahi, Kristina Hostáková, and Pedro Moreno-Sanchez. 2021. Bitcoin- compatible virtual channels. In2021 IEEE Symposium on Security and Privacy (SP). IEEE, 901–918

    work page 2021

  6. [6]

    Georgia Avarikioti, Eleftherios Kokoris Kogias, Roger Wattenhofer, and Dion- ysis Zindros. 2019. Brick: Asynchronous payment channels.arXiv preprint arXiv:1905.11360(2019)

    work page arXiv 2019

  7. [7]

    Zeta Avarikioti, Mahsa Bastankhah, Mohammad Ali Maddah-Ali, Krzysztof Pietrzak, Jakub Svoboda, and Michelle Yeo. 2024. Route Discovery in Private Payment Channel Networks. InComputer Security. ESORICS 2024 International Workshops - DPM, CBT, and CyberICPS, Bydgoszcz, Poland, September 16-20, 2024, Revised Selected Papers, Part I (Lecture Notes in Computer...

    work page doi:10.1007/978-3-031-82349-7_15 2024

  8. [8]

    Zeta Avarikioti, Georg Fuchsbauer, Pim Keer, Matteo Maffei, and Fabian Regen

    work page

  9. [9]

    A Composable Game-Theoretic Framework for Blockchains.arXiv preprint arXiv:2504.18214(2025)

    work page internal anchor Pith review Pith/arXiv arXiv 2025

  10. [10]

    Zeta Avarikioti, Krzysztof Pietrzak, Iosif Salem, Stefan Schmid, Samarth Tiwari, and Michelle Yeo. 2022. Hide & Seek: Privacy-Preserving Rebalancing on Pay- ment Channel Networks. InFinancial Cryptography and Data Security - 26th International Conference, FC 2022, Grenada, May 2-6, 2022, Revised Selected Papers (Lecture Notes in Computer Science), Ittay E...

    work page doi:10.1007/978-3-031-18283-9_17 2022

  11. [11]

    Zeta Avarikioti, Stefan Schmid, and Samarth Tiwari. 2024. Musketeer: Incentive- Compatible Rebalancing for Payment Channel Networks. In6th Conference on Advances in Financial Technologies, AFT 2024, Vienna, Austria, September 23- 25, 2024 (LIPIcs), Rainer Böhme and Lucianna Kiffer (Eds.). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 13:1–13:22. doi:...

    work page doi:10.4230/lipics.aft.2024.13 2024

  12. [12]

    Zeta Avarikioti, Orfeas Stefanos Thyfronitis Litos, and Roger Wattenhofer. 2020. Cerberus Channels: Incentivizing Watchtowers for Bitcoin. InFinancial Cryptog- raphy and Data Security: 24th International Conference, FC 2020 , Kota Kinabalu, Malaysia, February 10–14, 2020 Revised Selected Papers. Springer-Verlag, Berlin, Heidelberg, 346–366. doi:10.1007/97...

    work page doi:10.1007/978-3-030-51280-4_19 2020

  13. [13]

    Zeta Avarikioti, Yuheng Wang, and Yuyi Wang. 2025. Thunderdome: Timelock- Free Rationally-Secure Virtual Channels.arXiv preprint arXiv:2501.14418(2025)

    work page arXiv 2025

  14. [14]

    Adam Back, Matt Corallo, Luke Dashjr, Mark Friedenbach, Gregory Maxwell, Andrew Miller, Andrew Poelstra, Jorge Timón, and Pieter Wuille. 2014. Enabling blockchain innovations with pegged sidechains.URL: http://www. opensciencere- view. com/papers/123/enablingblockchain-innovations-with-pegged-sidechains72 (2014), 201–224

    work page 2014

  15. [15]

    Bitcoin Optech. 2025. Cluster mempool. https://bitcoinops.org/en/topics/cluster- mempool/. accessed: 2025-09-21

    work page 2025

  16. [16]

    Burak. 2023. Introducing Ark. https://brqgoo.medium.com/introducing-ark- 6f87ae45e272

    work page 2023

  17. [17]

    Conrad Burchert, Christian Decker, and Roger Wattenhofer. 2018. Scalable funding of bitcoin micropayment channel networks.Royal Society open science 5, 8 (2018), 180089

    work page 2018

  18. [18]

    Cashu. 2025. Cashu is Ecash for Bitcoin. https://docs.cashu.space/

    work page 2025

  19. [19]

    David Chaum. 1983. Blind signatures for untraceable payments. InAdvances in Cryptology: Proceedings of Crypto 82. Springer, 199–203

    work page 1983

  20. [20]

    Hao Chung, Elisaweta Masserova, Elaine Shi, and Sri AravindaKrishnan Thya- garajan. 2022. Ponyta: Foundations of side-contract-resilient fair exchange. Cryptology ePrint Archive(2022)

    work page 2022

  21. [21]

    Jeff Coleman. 2015. State Channels. https://www.jeffcoleman.ca/state-channels/

    work page 2015

  22. [22]

    Christian Decker, Rusty Russell, and Olaoluwa Osuntokun. 2018. eltoo: A simple layer2 protocol for bitcoin.White paper: https:// blockstream.com/ eltoo.pdf(2018)

    work page 2018

  23. [23]

    Christian Decker and Roger Wattenhofer. 2015. A fast and scalable payment network with bitcoin duplex micropayment channels. InStabilization, Safety, and Security of Distributed Systems: 17th International Symposium, SSS 2015, Edmonton, AB, Canada, August 18-21, 2015, Proceedings 17. Springer, 3–18

    work page 2015

  24. [24]

    Xinshu Dong, Orfeas Stefanos Thyfronitis Litos, Ertem Nusret Tas, David Tse, Robin Linus Woll, Lei Yang, and Mingchao Yu. 2024. Remote Staking with Economic Safety.arXiv preprint arXiv:2408.01896(2024)

    work page internal anchor Pith review Pith/arXiv arXiv 2024

  25. [25]

    Stefan Dziembowski, Lisa Eckey, Sebastian Faust, Julia Hesse, and Kristina Hostáková. 2019. Multi-party virtual state channels. InAnnual international conference on the theory and applications of cryptographic techniques. Springer, 625–656

    work page 2019

  26. [26]

    Stefan Dziembowski, Lisa Eckey, Sebastian Faust, and Daniel Malinowski. 2019. Perun: Virtual payment hubs over cryptocurrencies. In2019 IEEE symposium on security and privacy (SP). IEEE, 106–123

    work page 2019

  27. [27]

    Fedimint. 2025. Fedimint. https://fedimint.org/docs/intro

    work page 2025

  28. [28]

    Garay, Aggelos Kiayias, and Nikos Leonardos

    Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. 2024. The Bitcoin Backbone Protocol: Analysis and Applications.J. ACM(apr 2024). doi:10.1145/3653445

    work page doi:10.1145/3653445 2024

  29. [29]

    Mike Hearn and Jeremy Spillman. 2023. Contract. https://en.bitcoin.it/wiki/ Contract. accessed: 2025-09-20

    work page 2023

  30. [30]

    Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, and Sharon Goldberg. 2017. Tumblebit: An untrusted bitcoin-compatible anony- mous payment hub. InNetwork and distributed system security symposium

    work page 2017

  31. [31]

    Harry Kalodner, Steven Goldfeder, Xiaoqi Chen, S Matthew Weinberg, and Edward W Felten. 2018. Arbitrum: Scalable, private smart contracts. In27th USENIX Security Symposium (USENIX Security 18). 1353–1370

    work page 2018

  32. [32]

    Rami Khalil, Alexei Zamyatin, Guillaume Felley, Pedro Moreno-Sanchez, and Arthur Gervais. 2018. Commit-chains: Secure, scalable off-chain payments. Cryptology ePrint Archive(2018)

    work page 2018

  33. [33]

    Aggelos Kiayias and Dionysis Zindros. 2019. Proof-of-work sidechains. InIn- ternational Conference on Financial Cryptography and Data Security. Springer, 21–34

    work page 2019

  34. [34]

    Lightning Network. 2023. BOLT #3. https://github.com/lightning/bolts/blob/ master/03-transactions.md. accessed: 2025-09-21

    work page 2023

  35. [35]

    Robin Linus, Lukas Aumayr, Zeta Avarikioti, Matteo Maffei, Andrea Pelosi, Orfeas Thyfronitis Litos, Christos Stefo, David Tse, and Alexei Zamyatin. 2025. Bridging Bitcoin to Second Layers via BitVM2. Cryptology ePrint Archive, Paper 2025/1158. https://eprint.iacr.org/2025/1158

    work page 2025

  36. [36]

    Andrew Miller, Iddo Bentov, Surya Bakshi, Ranjit Kumaresan, and Patrick Mc- Corry. 2019. Sprites and state channels: Payment networks that go faster than lightning. InInternational conference on financial cryptography and data security. Springer, 508–526

    work page 2019

  37. [37]

    Tejaswi Nadahalli, Majid Khabbazian, and Roger Wattenhofer. 2021. Timelocked Bribing. InFinancial Cryptography and Data Security: 25th International Con- ference, FC 2021, Virtual Event, March 1–5, 2021, Revised Selected Papers, Part I. Springer-Verlag, Berlin, Heidelberg, 53–72. doi:10.1007/978-3-662-64322-8_3

    work page doi:10.1007/978-3-662-64322-8_3 2021

  38. [38]

    Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system

    work page 2008

  39. [39]

    Gleb Naumenko and Antoine Riard. [n. d.]. CoinPool: efficient off-chain payment pools for Bitcoin. https://coinpool.dev/v0.1.pdf

    work page

  40. [40]

    Jonas Nick, Andrew Poelstra, and Gregory Sanders. 2020. Liquid: A bitcoin sidechain.Liquid white paper. URL https://blockstream. com/assets/downloads/pdf/liquid-whitepaper. pdf(2020)

    work page 2020

  41. [41]

    Jonas Nick, Tim Ruffing, and Yannick Seurin. 2020. MuSig2: Simple Two-Round Schnorr Multi-Signatures. Cryptology ePrint Archive, Paper 2020/1261. doi:10. 1007/978-3-030-84242-0_8

    work page 2020

  42. [42]

    Optimism. 2021. Optimistic Rollup Overview. https://github.com/ethereum- optimism/optimistic-specs/blob/0e9673af0f2cafd89ac7d6c0e5d8bed7c67b74ca/ overview.md

    work page 2021

  43. [43]

    Alejandro Ranchal Pedrosa, Maria Potop-Butucaru, and Sara Tucci-Piergiovanni

    work page

  44. [44]

    InProceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

    Scalable lightning factories for bitcoin. InProceedings of the 34th ACM/SIGAPP Symposium on Applied Computing. 302–309

    work page

  45. [45]

    Joseph Poon and Vitalik Buterin. 2017. Plasma: Scalable autonomous smart contracts.White paper(2017), 1–47

    work page 2017

  46. [46]

    Joseph Poon and Thaddeus Dryja. 2016. The bitcoin lightning network: Scalable off-chain instant payments. Pim Keer, Matteo Maffei, Marco Argentieri, Andrew Camilleri, and Zeta Avarikioti

    work page 2016

  47. [47]

    Xianrui Qin, Shimin Pan, Arash Mirzaei, Zhimei Sui, Oğuzhan Ersoy, Amin Sakzad, Muhammed F Esgin, Joseph K Liu, Jiangshan Yu, and Tsz Hon Yuen

    work page

  48. [48]

    In2023 IEEE symposium on security and privacy (SP)

    Blindhub: Bitcoin-compatible privacy-preserving payment channel hubs supporting variable amounts. In2023 IEEE symposium on security and privacy (SP). IEEE, 2462–2480

    work page

  49. [49]

    Siavash Riahi and Orfeas Stefanos Thyfronitis Litos. 2024. Bitcoin Clique: Channel-free Off-chain Payments using Two-Shot Adaptor Signatures. Cryptol- ogy ePrint Archive, Paper 2024/025. https://eprint.iacr.org/2024/025

    work page 2024

  50. [50]

    Stefanie Roos, Pedro Moreno-Sanchez, Aniket Kate, and Ian Goldberg. 2018. Settling Payments Fast and Private: Efficient Decentralized Routing for Path- Based Transactions. In25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018. The Internet Society. https://www.ndss-symposium.org/wp-con...

    work page 2018

  51. [51]

    Tim Ruffing, Aniket Kate, and Dominique Schröder. 2015. Liar, liar, coins on fire! Penalizing equivocation by loss of bitcoins. InProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 219–230

    work page 2015

  52. [52]

    Vibhaalakshmi Sivaraman, Shaileshh Bojja Venkatakrishnan, Kathleen Ruan, Parimarjan Negi, Lei Yang, Radhika Mittal, Giulia Fanti, and Mohammad Alizadeh

    work page

  53. [53]

    In17th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2020, Santa Clara, CA, USA, February 25-27, 2020, Ranjita Bhagwan and George Porter (Eds.)

    High Throughput Cryptocurrency Routing in Payment Channel Networks. In17th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2020, Santa Clara, CA, USA, February 25-27, 2020, Ranjita Bhagwan and George Porter (Eds.). USENIX Association, 777–796. https://www.usenix.org/ conference/nsdi20/presentation/sivaraman

    work page 2020

  54. [54]

    Ruben Somsen. 2018. Statechains: Off-chain Transfer of UTXO Ownership

    work page 2018

  55. [55]

    Spark. [n. d.]. Spark Documentation. https://docs.spark.money/

    work page

  56. [56]

    Erkan Tairi, Pedro Moreno-Sanchez, and Matteo Maffei. 2021. A 2 l: Anonymous atomic locks for scalability in payment channel hubs. In2021 IEEE symposium on security and privacy (SP). IEEE, 1834–1851

    work page 2021

  57. [57]

    Samarth Tiwari, Michelle Yeo, Zeta Avarikioti, Iosif Salem, Krzysztof Pietrzak, and Stefan Schmid. 2022. Wiser: Increasing Throughput in Payment Channel Networks with Transaction Aggregation. InProceedings of the 4th ACM Con- ference on Advances in Financial Technologies, AFT 2022, Cambridge, MA, USA, September 19-21, 2022, Maurice Herlihy and Neha Narula...

    work page doi:10.1145/3558535.3559775 2022

  58. [58]

    Itay Tsabary, Matan Yechieli, Alex Manuskin, and Ittay Eyal. 2021. MAD-HTLC: because HTLC is crazy-cheap to attack. In2021 IEEE symposium on security and privacy (SP). IEEE, 1230–1248

    work page 2021

  59. [59]

    Sarisht Wadhwa, Jannis Stoeter, Fan Zhang, and Kartik Nayak. 2022. He-htlc: Revisiting incentives in htlc.Cryptology ePrint Archive(2022)

    work page 2022

  60. [60]

    boarding:

    Pieter Wuille, Jonas Nick, and Anthony Towns. 2020. Taproot: SegWit version 1 spending rules. https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki A Global Parameters, Notation and Commitment Transaction Construction Table A.1: Global parameters and Notation 𝑃, 𝑂 Ark user and Ark operator tx,out Transaction, transaction output vtxo Virtual trans...

    work page 2020