TumbleBit is a second-layer payment system for bitcoin that draws headlines for privacy improvements, but the technology reaches beyond that single feature. The protocol could expand bitcoin's reach t
TumbleBit is a second-layer payment system for bitcoin that draws headlines for privacy improvements, but the technology reaches beyond that single feature. The protocol could expand bitcoin's reach to far more users without changes to the base layer, though activating Segregated Witness would strengthen the approach. Ethan Heilman, a co-author of the original white paper, envisions the system's true potential: trustless banks that operate on bitcoin. In an interview with MiningPool, Heilman described how TumbleBit takes proven privacy concepts from past digital cash systems and builds them atop bitcoin's censorship-resistant foundation. Bitcoin gets credited with anonymity, instant payments, and near-zero fees; TumbleBit would deliver on these.
The Hub Structure
TumbleBit's architecture centers on payment channels that route through a single hub, which functions as a payment processor that can't betray its users. "A payment hub is basically a bank that can't steal from you," Heilman explained to MiningPool. He offered a concrete example: "Someone like Coinbase could become a payment hub, enabling off-blockchain payments. They already do this—Coinbase to Coinbase payments are just a database row update, but they are trusted. So a TumbleBit hub is an untrusted Coinbase with privacy."
Payment channel hubs can function in theory, but TumbleBit adds a critical component: the hub gains no visibility into where money travels. Hubs work better with Segregated Witness on the network. Users deposit bitcoin into the hub in a way that prevents theft and hides their activity from the hub. The hub generates revenue through transaction fees. Transactions between hub users skip the blockchain. Opening an account requires an on-chain transaction. Disputes also require one. Without SegWit, users need more on-chain transactions. "The end goal is private, bidirectional payment channels, but that requires more research to figure out how to do it with bitcoin," Heilman said.
Where TumbleBit Falls Short
The system has real tradeoffs. Users face the most serious risk of lost funds. Heilman explained the scenario: "For a user to lose bitcoins, he must not get his transactions into the blockchain and the hub must try to cheat him." If a hub attempts fraud, the user gets a window to broadcast a transaction proving the hub's misconduct. Broadcast in time, and the attempted theft fails. Miss the window, and the user loses whatever funds flowed through that hub connection. "This is an issue with all current layer two protocols, although I believe it can be overcome," Heilman noted. "If a user can't post to the blockchain during the window of time in which they are supposed to—say one week—they forfeit those funds."
The Lightning Network faces an identical problem. Full blocks amplify the danger: getting a transaction confirmed within a strict timeframe becomes harder when space is scarce. TumbleBit handles this better than Lightning, though. "In the Lightning Network, your counterparty is some random node; in TumbleBit your counterparty is a known entity," Heilman explained. TumbleBit hubs operate as actual businesses. They serve customers with business-like reliability. A random node on the Lightning Network has no reputation or recourse if it acts against a user's interest. Yet the system must remain trustless regardless of entity identity.
Proposed fixes exist. An adaptive block size would let miners grow capacity when users struggle to broadcast time-sensitive transactions. Users might reserve block space in advance as protection. Blockstream CTO Greg Maxwell proposed the most intriguing solution, which now appears in the Lightning Network white paper as well. Maxwell called it a "timestop." When blocks fill up, miners pause the countdown giving users a window to broadcast time-sensitive transactions. As Maxwell wrote on Reddit, this "[turns] the security risk into more hold-up delay in the event of a DoS attack."
If a hub disappears, users face a second failure mode. They endure a waiting period until the locktime on their deposited coins expires. "With SegWit this locktime can be hours; without SegWit, the locktime would be a few days to maybe two weeks," said Heilman. These issues aside, bitcoin users would choose a TumbleBit hub over on-chain broadcasting in many scenarios. Speed improves, costs fall, and privacy increases.
