Verifiable Timed Signatures Made Practical

A verifiable timed signature (VTS) scheme allows one to time-lock a signature on a known message for a given amount of time T such that after performing a sequential computation for time T anyone can extract s from the time-lock. Verifiability ensures that anyone can publicly check if a time-lock contains a valid signature on m without solving it first, and that the signature can be obtained by solving the same for time T. This work formalizes VTS, presents efficient constructions compatible with BLS, Schnorr, and ECDSA signatures, and experimentally demonstrates that (unlike the predecessors) our constructions can be employed in practice. On a technical level, we design an efficient cut-and-choose protocol based on the recently proposed homomorphic time-lock puzzles to prove the validity of a signature encapsulated in a time-lock puzzle. We also present a new efficient range proof protocol that significantly improves upon existing proposals in terms of the proof size, and is of independent interest. VTS is a versatile tool with numerous existing applications. In this work, we demonstrate VTS’s applicability to resolve three challenging issues in the space of cryptocurrencies. Specifically, we show how VTS is the cryptographic cornerstone to construct: (i) Payment channel networks with improved on-chain unlinkability of users involved in a transaction, (ii) multi-party signing of transactions for cryptocurrencies without any on-chain notion of time and (iii) cryptocurrency-enabled fair multi-party computation protocol.