Payment channel networks (PCNs) are among the most promising solutions to the scalability issues in permissionless blockchains, by allowing parties to pay each other off-chain through a path of payment channels (PCs). However, routing transactions comes at a cost which is proportional to the number of intermediaries, since each charges a fee for the routing service. Furthermore, analogous to other networks, malicious intermediaries in the payment path can lead to security and privacy threats. Virtual channels (VCs), i.e., bridges over PC paths, mitigate the above PCN issues, as an intermediary participates only once to set up the VC and is then excluded from every future VC transaction. However, similar to PCs, creating a VC has a cost that must be paid out of the bridged PCs' balance. Currently, we are missing guidelines to where and how many VCs to set up. Ideally, VCs should minimize transaction costs while mitigating security and privacy threats from on-path adversaries. In this work, we address for the first time the VC setup problem, formalizing it as an optimization problem. We present an integer linear program (ILP) to compute the globally optimal VC setup strategy in terms of transaction costs, security, and privacy. We then accompany the computationally heavy ILP with a fast local greedy algorithm. Our model and algorithms can be used with any on-path adversary, given that its strategy can be expressed as a set of corrupted nodes that is estimated by the honest nodes. We conduct an evaluation of the greedy algorithm over a snapshot of the Lightning Network (LN), the largest Bitcoin-based PCN. Our results confirm on real-world data that our greedy strategy minimizes costs while protecting against security and privacy threats of on-path adversaries. These findings may serve the LN community as guidelines for the deployment of VCs.

翻译：支付通道网络（PCN）是解决无许可区块链可扩展性问题最有前景的方案之一，它允许参与方通过由多个支付通道（PC）组成的路径进行链下支付。然而，路由交易会产生与中介数量成正比的成本，因为每个中介都会收取路由服务费。此外，与其他网络类似，支付路径中的恶意中介可能导致安全与隐私威胁。虚拟通道（VC）作为PC路径上的桥梁，能够缓解上述PCN问题——中介仅需参与一次VC的建立，后续所有VC交易均不再经过该中介。然而，与PC类似，建立VC需要消耗桥接PC的余额作为成本。目前，我们缺乏关于在何处以及建立多少VC的指导原则。理想情况下，VC应在最小化交易成本的同时，减轻路径上恶意攻击者带来的安全与隐私威胁。本文首次提出并形式化了VC建立问题，将其建模为优化问题。我们设计了整数线性规划（ILP）来计算全局最优的VC建立策略，该策略综合考虑交易成本、安全性与隐私保护。随后，我们提出一种快速的局部贪心算法以替代计算密集型的ILP模型。本模型与算法可适用于任何路径上的恶意攻击者，只需将其攻击策略表示为诚实节点估计的一组受损节点。我们在比特币最大PCN——闪电网络（LN）的快照数据上评估了贪心算法。实际数据验证表明，我们的贪心策略能在最小化成本的同时，抵御路径上恶意攻击者的安全与隐私威胁。这些发现可作为LN社区部署VC的指导原则。