Bitcoin Problems

A repository of open Bitcoin research problems.


Bitcoin Problems is a community managed list of open research problems that, if solved, would have positive impact on the evolution of Bitcoin. Its purpose to help align the efforts of researchers and the needs of Bitcoin protocol developers. To contribute to the effort open an issue or pull request at the respository.

Open Problems

PTLC Cycle Jamming (lightning)

In Point Time Locked Contract (PTLC) based Lightning channels the lock is randomized at each hop so that two malicious nodes separated by at least one honest node in a payment path cannot use the lock to determine whether the PTLCs are part of the same payment. Unfortunately, this seems to make PTLCs a little bit too unlinkable – it allows a malicious sender to create a single payment that cycles multiple times through a target pair of honest nodes significantly reducing the capacity between them for a small cost to the attacker. As in an ordinary jamming attack the malicious receiver then refuses to unlock the payment leaving the funds locked along the path until timeout. The honest nodes cannot detect the attack for the same reason that it preserves privacy: each incoming PTLC cannot be linked to any previous one.

Removing cross-layer links (lightning, privacy)

When two lightning nodes wish to inform their peers about changes in the capacity between them they broadcast a channel_announcement or channel_update gossip message. These messages both point to an on-chain UTXO through their short_channel_id field along with the nodes involved (and signatures from all keys). This creates a cross-layer link between the nodes in the layer-2 network and the outputs on the layer-1 blockchain. These cross-layer links are a privacy leak.

Simple Secure Tumbler (privacy)

Tumblers are services that offer users coin swaps in a privacy preserving way. A coin swap protocol lets Alice make a payment to Bob, not by sending it directly but instead sending the coins to Carol who sends completely unrelated coins to Bob. Coin swap protocols guarantee that no party has a way of stealing money – either Bob gets Carol’s coins and Carol gets Alice’s or the coins are returned. Blockchain observers should be unable to easily link the payment from Alice to Carol with the payment from Carol to Bob.