An Introduction to Second Layer Protocols

Second layer protocols are scalability or privacy enhancements that reduce the amount of transactions published on a given blockchain, while still relying on the consensus algorithm of the parent chain to achieve certain security guarantees. Second layer protocols are also referred to as off-chain protocols as most of the communication happens outside of the parent blockchain. Thanks to this, second layer protocols typically provide higher scalability and transaction throughput than the parent chain, as well as lower fees.

This article provides an overview on second layer protocols in blockchains, and is based on the paper “SoK : Off The Chain Transactions” by Lewis Gudgeon et al. Although there are numerous types of second layer protocols, this article will focus on two broad categories: channels and commit-chains. In channels, users mostly communicate directly between each other, and interact with the parent chain only in very specific cases. In contrast to this, in commit-chains, users mostly interact with a centralized entity called the operator, which interacts with the parent chain when necessary.

Channels

Channels can be payment or state channels. Payment channels are used only to transfer value, while state channels can communicate arbitrary state transitions of a state-machine. Channels consist of three main stages:

• Establishment: the involved parties create a channel between them by locking collateral on the parent chain. This needs to be a unanimous decision.
• Transitions: the members of the channel collectively agree on state transitions without interacting with the parent chain.
• Closure or disputes: the members of the channel collectively agree on a final channel state and close it on the parent chain, or open a dispute on the parent chain to enforce closure without an agreement.

Channels increase transaction throughput because users only interact with the parent chain at the establishment and closure stages. In terms of security guarantees, channels provide balance security, which means that users can always withdraw the agreed balance from the channel, and state progression, which means that users can always enforce agreed state transitions on the parent chain. In order to provide balance security, channels require users to lock the full amount of money in the channel as collateral on the parent chain at the establishment stage. While at the closure stage, channels provide a time period in which users can dispute state transitions on the parent chain. This is to avoid malicious parties from publishing wrong or outdated states. In order to decide which is the final valid state, channels make use of state replacement techniques. The most common state replacement techniques are:

• Replacement by incentive: when parties are incentivized to publish the latest state on the parent chain because it is the state that pays them the highest value.
• Replacement by time lock: when each state transition is associated with a time lock of a decreasing duration, such that the latest state transition can be published on the parent chain before any older state transitions.
• Replacement by revocation: when users revoke old states after agreeing in a new state transition.
• Replacement by version: when each state transition is associated with an increasing version number, such that the parent chain can always give preference to the state with the highest version number.

The dispute mechanism means that users in a channel need to continuously monitor the parent chain to ensure that other parties do not try to prematurely close the channel in an invalid state. Although this continuous monitoring can be externalized to third parties (i.e., watchtowers), it is a major drawback of channels as their correct functioning depends on someone always being online.

Members of a channel typically interact with each other directly. However, there are ways of routing payments through a network of channels, allowing communication between users that do not share a channel between them, as in Payment Channel Networks (PCNs). Nevertheless, these routing mechanisms introduce certain complexity on the channel infrastructure and have their own limitations. A way of mitigating some of the limitations of routing algorithms is using channel hubs, which are entities that share channels with a large number of users. Routing payments through channel hubs is less complex than routing through an arbitrary network of channels, but also introduces a centralized point of failure and reduces user’s privacy, among other limitations.

Commit-chains

Commit-chains differ from channels in the presence of a centralized entity called the operator. In this sense, commit-chains are similar to channel hubs, but include a series of mechanisms to address some of their limitations.

In commit-chains, users do not interact with each other directly, but through the operator. The operator can be a single entity or a federation, and does not need to be trusted. Commit-chains provide security guarantees even if the operator is compromised or misbehaves. The operator maintains an alternative chain called the commit-chain and periodically updates the parent chain using checkpoints or commits. Users join a commit-chain by contacting the operator and can leave at any time. Once joined, users submit transactions to the operator, which registers state transitions on the commit-chain. Since the operator updates the parent chain periodically, commit-chains do not provide instant transaction finality. This means that transactions in a commit-chain are not final until a checkpoint is published on the parent chain.

Similar to channels, commit-chains provide balance security, meaning that users can always withdraw their agreed balance using an on-chain dispute. However, commit-chains do not guarantee state progression by default because transactions are not final until published on the parent chain. Some commit-chains are able to guarantee state progression if the operator allocates an amount of collateral for each user in the commit-chain. Finally, commit-chains provide two main mechanisms for ensuring checkpoint integrity: fraud proofs and zero-knowledge proofs. Fraud proofs are similar to channels in that there is a time period in which the validity of a checkpoint can be challenged on the parent chain. During this period, checkpoints can be reverted if anyone provides proof that they are invalid. In contrast to this, zero-knowledge proofs provide a mechanism in which only valid checkpoints can be accepted on the parent chain.

Depending on the commit-chain implementation, users might be required to monitor the parent chain at least once per checkpoint. Another limitation in commit-chains is the data availability requirement. In order to be able to exit a commit-chain, users must store data related to their transactions in case off-chain data is withheld by the operator. This requirement has been addressed by roll-ups, which publish all the necessary data on the parent chain.

Conclusions

Second layer protocols increase the scalability of blockchains by reducing the amount of information that is published on the parent chain or by reducing the amount of computation performed by the parent chain, while relying on it to provide certain security guarantees. This article gives an overview of two main types of second layer solutions for blockchains: channels and commit-chains. However, other protocols exist, such as state chains and overlay chains. Each second layer protocol and implementation provides its own benefits and limitations. The most appropriate solution depends on the requirements of each specific use case.

References

Gudgeon, L., Moreno-Sanchez, P., Roos, S., McCorry, P., & Gervais, A. (2019). SoK: Off The Chain Transactions. IACR Cryptol. ePrint Arch., 2019, 360.

Chainlink and IC3 Meetup with Dr. Patrick McCorry — Deep-dive Into Off-Chain Protocols — https://www.youtube.com/watch?v=DfgYfVZWREo