TEE-based distributed watchtowers for fraud protection in the Lightning Network

The Lightning Network is a payment channel network built on top of the cryptocurrency Bitcoin. It allows Bitcoin to scale by performing transactions off-chain to reduce load on the blockchain. Malicious payment channel participants can try to commit fraud by closing channels with outdated balances. The Lightning Network allows resolving this dispute on the blockchain. However, this mechanism forces the channels' participants to watch the blockchain in regular intervals. It has been proposed to offload this monitoring duty to a third party, called a watchtower. However, existing approaches for watchtowers do not scale as they have storage requirements linear in the number of updates in a channel. In this work, we propose TEE Guard, a new architecture for watchtowers that leverages the features of Trusted Execution Environments to build watchtowers that require only constant memory and are thus able to scale. We show that TEE Guard is deployable because it can run with the existing Bitcoin and Lightning Network protocols. We also show that it is economically viable for a third party to provide watchtower services. As a watchtower needs to be trusted to be watching the blockchain, we also introduce a mechanism that allows customers to verify that a watchtower has been running continuously.