π
Original date posted:2022-11-26
π Original message:
On 2022-11-21 14:26, Antoine Riard wrote:
>> Clara Shikhelman wrote:
>> 4. How would these tokens work with blinded paths and other
>> privacy-preserving suggestions?
>
> Primarily, the tokens could use the new onion messages and blinded
> paths for the dissemination and renewal rounds. Current design assumes
> they're attached to the HTLC during forward along the payment path,
> though I think one design alternative could be completely detached,
> and the HTLC onion just contains a ref to the tokens.
I'm not sure I understand this answer, so I'll explain in my own words
and kindly ask that you tell me if I'm wrong or missing something
important.
If Alice wants to pay Zed using a blinded path where Zed chooses
terminal channels W->X->Y->Zed, then Zed will need to provide to Alice
the encrypted credential tokens for X, and Y. In theory, if Alice
controls node Y, she can prevent the HTLC from settling and so waste the
value of Zed's provided tokens for node X. However, Alice shouldn't
know where Zed's node is in the LN topography and can't be assured that
he'll forward through her secondary node, so the attack is uncertain to
work. The attack may also have a cost---Alice may need to buy
credential tokens for node W and the hops leading to it from her primary
node---with that cost mitigating the chance of the attack and the
likelihood that it would be profitable.
Thank you both for the interesting proposal and the insightful
questions!,
-Dave
David A. Harding [ARCHIVE] /
npub16dβ¦x4wrd
2023-06-09 13:07:26
in reply to nevent1qβ¦telf
Author Public Key
npub16dt55fpq3a8r6zpphd9xngxr46zzqs75gna9cj5vf8pknyv2d7equx4wrdPublished at
2023-06-09 13:07:26Event JSON
{
"id": "d6eaf7918af066d1773b64a2a0d841c8ab39a73e720531177c154d2394e73766",
"pubkey": "d3574a24208f4e3d0821bb4a69a0c3ae842043d444fa5c4a8c49c369918a6fb2",
"created_at": 1686316046,
"kind": 1,
"tags": [
[
"e",
"9c3a63b3566ad83b1efc2410b067702e12877b167df07023410314f65ebf754b",
"",
"root"
],
[
"e",
"82a71c44d49d62dd79158ae986f75ef598174c80db6d60cff439388a34578378",
"",
"reply"
],
[
"p",
"6485bc56963b51c9043d0855cca9f78fcbd0ce135a195c3f969e18ca54a0d551"
]
],
"content": "π
Original date posted:2022-11-26\nπ Original message:\nOn 2022-11-21 14:26, Antoine Riard wrote:\n\u003e\u003e Clara Shikhelman wrote:\n\u003e\u003e 4. How would these tokens work with blinded paths and other\n\u003e\u003e privacy-preserving suggestions?\n\u003e \n\u003e Primarily, the tokens could use the new onion messages and blinded\n\u003e paths for the dissemination and renewal rounds. Current design assumes\n\u003e they're attached to the HTLC during forward along the payment path,\n\u003e though I think one design alternative could be completely detached,\n\u003e and the HTLC onion just contains a ref to the tokens.\n\nI'm not sure I understand this answer, so I'll explain in my own words \nand kindly ask that you tell me if I'm wrong or missing something \nimportant.\n\nIf Alice wants to pay Zed using a blinded path where Zed chooses \nterminal channels W-\u003eX-\u003eY-\u003eZed, then Zed will need to provide to Alice \nthe encrypted credential tokens for X, and Y. In theory, if Alice \ncontrols node Y, she can prevent the HTLC from settling and so waste the \nvalue of Zed's provided tokens for node X. However, Alice shouldn't \nknow where Zed's node is in the LN topography and can't be assured that \nhe'll forward through her secondary node, so the attack is uncertain to \nwork. The attack may also have a cost---Alice may need to buy \ncredential tokens for node W and the hops leading to it from her primary \nnode---with that cost mitigating the chance of the attack and the \nlikelihood that it would be profitable.\n\nThank you both for the interesting proposal and the insightful \nquestions!,\n\n-Dave",
"sig": "002c924c732d29fa9a535d734fed6f1b58fb7594bcc3e31f0412dfdfea434f4ec442f81964496c8e867dac9a144934b0a2d17be4753728374e38ebd56daf04b7"
}