Hot wallet protection using a layer-2 blockchain network

What is claimed is: 1. A system comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising: establishing, via a layer two network of a cryptocurrency blockchain, a payment channel for transferring a cryptocurrency balance from a first digital wallet associated with a service provider to a second digital wallet associated with a trusted entity; initiating, via the established payment channel, a plurality of commitment transactions for transferring the cryptocurrency balance from the first digital wallet to the second digital wallet, wherein each of the service provider and the trusted entity maintains a transaction log that represents a current transaction state of the payment channel after each commitment transaction; transmitting, to the trusted entity via a secure communication channel previously established between the service provider and the trusted entity outside of the layer two network, a transaction receipt for an amount of the cryptocurrency balance transferred as part of each commitment transaction; modifying the transaction log of the service provider over the plurality of commitment transactions so that the transaction log of the service provider no longer represents the current transaction state of the payment channel; detecting a breach of the first digital wallet associated with the service provider; and responsive to the detected breach, broadcasting a transaction to a layer one network of the cryptocurrency blockchain for transferring a total amount of the cryptocurrency balance from the first digital wallet to the second digital wallet. 2. The system of claim 1 , wherein the updating comprises: deleting the transaction receipt from the transaction log maintained by the service provider for the payment channel when the commitment transaction is not a first of the plurality of commitment transactions so that the transaction log of the service provider represents a previous transaction state of the payment channel and only the transaction log of the trusted entity represents the current transaction state of the payment channel. 3. The system of claim 1 , wherein the cryptocurrency blockchain is a Bitcoin cryptocurrency blockchain and the layer two network is a Lightning network of the Bitcoin cryptocurrency blockchain. 4. The system of claim 1 , wherein the breach is detected by the service provider based on a notification received from the trusted entity via the secure communication channel. 5. The system of claim 4 , wherein the payment channel is established between corresponding nodes of the service provider and the trusted entity in the layer two network of the cryptocurrency blockchain, and the notification received from the trusted entity is used to identify a compromised node of the service provider in the layer two network at which the breach of the first digital wallet is detected. 6. The system of claim 5 , wherein the operations further comprise: configuring a new node in the layer two network for the first digital wallet associated with the service provider; transferring the first digital wallet from the compromised node to the new node of the service provider configured in the layer two network; and reestablishing the payment channel between the new node of the service provider and the corresponding node of the trusted entity in the layer two network. 7. The system of claim 1 , wherein the trusted entity is a first trusted entity among a plurality of trusted entities associated with the service provider, and wherein the payment channel is a first payment channel among a plurality of payment channels for routing the cryptocurrency balance from the first digital wallet of the service provider to corresponding digital wallets of the plurality of trusted entities via the layer two network. 8. The system of claim 7 , wherein the first payment channel is established with a first hash time locked contract (HTLC) between the service provider and the first trusted entity, the first HTLC including a first specified time limit for the first trusted entity to close the first payment channel, and wherein the operations further comprise: transmitting a request to the first trusted entity to establish a second payment channel with a second HTLC between the first trusted entity and a second trusted entity, the second HTLC including a second specified time limit for the second trusted entity to close the second payment channel. 9. The system of claim 8 , wherein the breach of the first digital wallet is detected prior to at least one of the first specified time limit and the second specified time limit, and the operations further comprise: transmitting instructions to the first trusted entity and the second trusted entity to close the respective first and second payment channels. 10. The system of claim 9 , wherein each of the first HTLC and the second HTLC further requires a payment hash for transferring funds between the plurality of trusted entities, and the instructions for closing the respective first and second payment channels cause the second trusted entity to initiate a first transfer of funds equivalent to the cryptocurrency balance from the second digital wallet of the first trusted entity to a third digital wallet of the second trusted entity, and cause the first trusted entity to initiate a second transfer of the cryptocurrency balance from the first digital wallet of the service provider to the second digital wallet of the first trusted entity. 11. A method comprising: establishing, by a service provider via a layer two network of a cryptocurrency blockchain, a first channel for transferring a cryptocurrency balance from a first digital wallet associated with the service provider to a second digital wallet associated with a trusted entity over multiple transactions, wherein each of the service provider and the trusted entity adds a transaction receipt to a transaction log representing a transaction state of the first channel after each transaction; initiating, by the service provider via the first channel in the layer two network, a first transaction for transferring a first portion of the cryptocurrency balance from the first digital wallet to the second digital wallet; transmitting, via a second channel previously established between the service provider and the trusted entity outside of the layer two network, a first transaction receipt from the service provider to the trusted entity; initiating, by the service provider via the first channel, one or more second transactions for transferring one or more second portions of the cryptocurrency balance from the first digital wallet to the second digital wallet; transmitting, via the second channel, one or more second transaction receipts from the service provider to the trusted entity, the one or more second transaction receipts corresponding to the one or more second portions of the cryptocurrency balance transferred from the first digital wallet to the second digital wallet; deleting a last of the one or more second transaction receipts from the transaction log of the service provider so that the transaction log of the service provider represents a previous transaction state of the first channel; detecting, by the service provider, a breach of the first digital wallet; and responsive to the detected breach, broadcasting a transaction to a layer one network of the cryptocurrency blockchain for transferring a total amount of the cryptocurrency balance from the first digital wallet to the second digital wallet. 12. The