- Are you a Bitcoin enthusiast?
- Do you worry how Bitcoin is scaling?
If your answer is Yes (!) for any of these questions then you are in the right place.
Also, unless you have been living under the rock, you must be knowing about Bitcoin’s Lightning Network protocol– a second layer solution that promises to scale Bitcoin for billions of users.
For those of you who don’t know, lightning is a protocol of different protocols and technologies which makes second layer peer to peer transactions possible in a secure and private way.
And today we are going to talk specifically about Watchtowers.
One common problem that can arise while using the lightning network is that users can cheat each other. This is how it can happen:
In the lightning network, two or more parties open a payment channel between them which is basically a 2-of-2 multisig wallet where both the parties commit funds by doing an on-chain transaction to this wallet.
Once this is done, a payment channel is opened and involved parties can transfer funds back and forth to each other number of times.
But here the transaction happens only when both the parties sign a transaction thus updating the shared ledger between them. This is called the state of the ledger.
Also, note that this shared ledger and its entries are off-chain and is not broadcasted until the parties involved want to close the payment channel.
And in this scenario, any of the parties can go malicious and can broadcast the old state of the channel to cheat the other party.
For example, Alice and Bob have a channel where they have committed $10 each into it (total $20). They have done the following two transactions until now:
First transaction: Alice has sent $2 to Bob, final state after this tx: Alice owns $8 & Bob owns $12. (State 1)
Second transaction: Bob has sent $5 to Alice, final state after this tx: Alice owns $13 & Bob owns $7 (State 2)
After this Bob goes malicious and tries to broadcast state 1 to the Bitcoin’s chain to close the channel and claim $12. He tries to do this when Alice is away and Alice might be on a hike or vacation with no connectivity.
This way when the channel closes after 3 days of Bob’s broadcast, Alice would have lost her funds to Bob. (assuming Alice was away for atleast 3 days).
That’s why Alice needs to always monitor her channel and track the state of offline ledger being broadcasted to the network. But this isn’t possible every time as she is a traveler and remains online intermittently.
To solve this problem Watchtowers come to the picture !!
What Are Lightning Network’s Watchtowers?
Watchtower is a concept originally conceptualized in Lightning’s whitepaper.
A Watchtower is simply a lightning node to which you can give the authority to monitor transactions associated with your open payment channels anywhere in the lightning layer.
Apart from monitoring, you can also give watchtowers the ability to broadcast the correct state of the channel when someone tries to cheat you by broadcasting the old state.
Watchtowers can also penalize the malicious party by sending a revocation transaction that will transfer all the funds of the malicious party to you. (honest actor).
Why We Need Watchtowers?
We need Watchtowers because as you saw in the earlier example of Alice and Bob that it is impossible to stay online every time. And the time you are offline can be used by the malicious actor to cheat you by broadcasting an older state of the channel.
But with watchtowers, you can outsource this monitoring and penalizing activity to a third party node which will do the needful on your behalf if you are away. (of course, when they have detected a false transaction)
Also, in cases where you don’t plan to go offline and want to monitor your channel yourself, there can be scenarios where your node goes down due to some technical issue. So in such cases, watchtowers can act as a fallback to monitor your channels untill you come back online.
But Why Will Watchtowers Monitor Anyone’s Channel?
Watchtowers, who are basically third party lightning nodes will monitor anyone’s channel because there is an incentive for them to act.
You can hire watchtowers nodes for a fee and design the revocation transaction in such a way that the watchtowers will also receive their service fee when you get funds of the other party as a penalty.
Also, you can separately pay a service fee to the watchtowers for monitoring your channel and doing the necessary stuff when you are away and when something malicious has happened.
So this is the incentive for watchtowers to monitor anyone’s channels.
How Watchtowers Work & Aren’t They Required To Be Trusted In A Trustless Ecosystem?
Yeah, it was a bit contradictory concept for me also when I tried to understand it first because it entails trusting a third party (watchtower) which is against the trustless ethos of Bitcoin.
But by hiring a watchtower you are not compromising to trust someone and neither you are breaking your privacy.
You are simply hiring a service (watchtower) which will monitor the channels and the blockchain 24*7 on your behalf for a fee that you have promised to it.
This is how it works:
Let say I have a transaction with ID ‘123456789’ and for this, I want my watchtower to have the revocation ability.
- What I do is, I create an already signed revocation transaction and encrypt the transaction using the second part of my transaction ID i.e. ‘6789’.
- Then I give this encrypted transaction with the first part of the transaction ID i.e. ‘12345’. This ID in itself doesn’t reveal anything to the watchtower but it acts as a hint for the watchtower to look out for this transaction (if & when broadcasted !!)
- If the transaction gets broadcasted, the watchtower can recognize it using the hint or the first part of the transaction ID that it has.
- After which the watchtower can find out the second part of the transaction ID and decrypt the transaction and broadcast it to the blockchain.
A thing to note here is that watchtowers only get to know about my transaction when actually something malicious has happened and that’s the only time I actually want them to know.
Of course, I understand that it is not a fully trustless and private way of citing a cheat transaction but atleast it is better than having nothing at place.
People are still exploring how to make this better. How to decentralized these watchtowers. How to make it so there's a market place for them and they just work behind the scenes. So let's work on making it better. LN is still very new.
— Charlie Lee [LTC⚡] (@SatoshiLite) March 29, 2018
Another common argument that we often hear about watchtowers is that they are strict and the mechanism of transferring the funds of one party to another as a penalty should not be true for every case.
This is because some times old state of channels can be broadcasted to the blockchain by human error or by a software bug also and in that case, such kind of penalty can be very harsh.
So to combat this limitation lightning developers have thought of a solution called Eltoo.
Eltoo is a new type of payment channel which simply gives a chance (timeframe) to the users to broadcast the latest state of the channel and thus invalidating the older ones. This removes the case where anyone will be penalized for a mistake or bug but still facilitate things in the way it should be.
We will discuss Eltoo in detail in a future blog post. (future is here)
Untill that time keep learning and sharing this Bitcoin revolution with everyone who is interested to know about it !!
Further Suggested Readings…