š
Original date posted:2018-07-05
š Original message:
Good morning all,
> > What's the nasty compromise?
> >
> > Let's also not underestimate how big of an update switching to dlog based
> >
> > HTLCs will be.
>
> Was referring to losing proof-of-payment; that's vital in a system
>
> without intermediaries. We have to decide what the lesser evil is.
Without the inherent ZKCP, it becomes impossible to build a trustless off-to-on/on-to-offchain bridge, since a trustless swap outside of Lightning becomes impossible. To my mind, ZKCP is an important building block in cryptocurrency: it is what we use in Lightning for routing. Further, ZKCP can be composed together to form a larger ZKCP, which again is what we use in Lightning for routing.
The ZKCP here is what lets LN endpoint to interact with the chain and lets off-to-on/on-to-offchain bridges to be trustless.
off/onchain bridges are important as they provide:
1. Incoming channels: Get some onchain funds from cold storage (or borrowed), create an outgoing channel (likely to the bridge for best chance of working), then ask bridge for an invoice to send money to an address you control onchain. The outgoing channel capacity becomes incoming capacity, you get (most of) your money back (minus fees) onchain.
2. Reloading spent channels. Give bridge an invoice and pay to the bridge to trigger it reloading your channel.
3. Unloading full channels. If you earn so much money (minus what you spend on expenses, subcontractors, employees, suppliers, etc.) you can use the bridge to send directly to your cold storage.
#1 lets us leave out double-funded channels. #2 and #3 lets us leave out splice.
The interaction between bridge and Lightning is simply via BOLT11 invoices. Those provide the ZKCP necessary to make the bridge trustless.
AMP enhances such a Lightning+bridge network, since the importance of maximum channel capacity is reduced if a ZKCP-providing AMP is available. For myself, I would rather leave out AMP and double-funding and splicing than remove ZKCP.
One could imagine a semi-trusted ZKCP service for real-world items. Some semi-trusted institution provides special safeboxes for rent that can be unlocked either by seller private key after 1008 blocks, or by the recipient key and a proof-of-payment preimage (and records the preimage in some publicly-accessible website). To sell a real-world item, make a BOLT11 invoice, bring item to a safebox, lock it with appropriate keys and the invoice payment hash, give BOLT11 invoice to buyer. Buyer pays and gets proof-of-payment preimage, goes to safebox and gets item. Multi-way trades (A wants item from B, B wants item from C, C wants item from A) are just compositions of ZKCP.
>
> And yeah, I called it Schnorr-Eltoonicorn not only because it's sooooo
>
> pretty, but because actually capturing it will be a saga.
Bards shall sing about The Hunt for Schnorr-Eltoonicorn for ages, until Satoshi himself is but a vague memory of a myth long forgotten.
Regards,
ZmnSCPxj
ZmnSCPxj [ARCHIVE] /
npub1g5ā¦3ms3l
2023-06-09 12:51:04
in reply to nevent1qā¦w8y3
Author Public Key
npub1g5zswf6y48f7fy90jf3tlcuwdmjn8znhzaa4vkmtxaeskca8hpss23ms3lPublished at
2023-06-09 12:51:04Event JSON
{
"id": "9ef863d44604572ad459fcd13cf34204ff3559b95995fd90089a5302bdc695fc",
"pubkey": "4505072744a9d3e490af9262bfe38e6ee5338a77177b565b6b37730b63a7b861",
"created_at": 1686315064,
"kind": 1,
"tags": [
[
"e",
"8705da9b85f9ef58ca8afd03c294dca93ff511081b81057f36ea2baa8a76a7e6",
"",
"root"
],
[
"e",
"fe7962a1d1d430f8550b1654622cbd7a1769d44ab9ffc36a44f472b2a87de693",
"",
"reply"
],
[
"p",
"13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425"
]
],
"content": "š
Original date posted:2018-07-05\nš Original message:\nGood morning all,\n\n\u003e \u003e What's the nasty compromise?\n\u003e \u003e \n\u003e \u003e Let's also not underestimate how big of an update switching to dlog based\n\u003e \u003e \n\u003e \u003e HTLCs will be.\n\u003e \n\u003e Was referring to losing proof-of-payment; that's vital in a system\n\u003e \n\u003e without intermediaries. We have to decide what the lesser evil is.\n\nWithout the inherent ZKCP, it becomes impossible to build a trustless off-to-on/on-to-offchain bridge, since a trustless swap outside of Lightning becomes impossible. To my mind, ZKCP is an important building block in cryptocurrency: it is what we use in Lightning for routing. Further, ZKCP can be composed together to form a larger ZKCP, which again is what we use in Lightning for routing.\n\nThe ZKCP here is what lets LN endpoint to interact with the chain and lets off-to-on/on-to-offchain bridges to be trustless.\n\noff/onchain bridges are important as they provide:\n\n1. Incoming channels: Get some onchain funds from cold storage (or borrowed), create an outgoing channel (likely to the bridge for best chance of working), then ask bridge for an invoice to send money to an address you control onchain. The outgoing channel capacity becomes incoming capacity, you get (most of) your money back (minus fees) onchain.\n2. Reloading spent channels. Give bridge an invoice and pay to the bridge to trigger it reloading your channel.\n3. Unloading full channels. If you earn so much money (minus what you spend on expenses, subcontractors, employees, suppliers, etc.) you can use the bridge to send directly to your cold storage.\n\n#1 lets us leave out double-funded channels. #2 and #3 lets us leave out splice.\n\nThe interaction between bridge and Lightning is simply via BOLT11 invoices. Those provide the ZKCP necessary to make the bridge trustless.\n\nAMP enhances such a Lightning+bridge network, since the importance of maximum channel capacity is reduced if a ZKCP-providing AMP is available. For myself, I would rather leave out AMP and double-funding and splicing than remove ZKCP.\n\nOne could imagine a semi-trusted ZKCP service for real-world items. Some semi-trusted institution provides special safeboxes for rent that can be unlocked either by seller private key after 1008 blocks, or by the recipient key and a proof-of-payment preimage (and records the preimage in some publicly-accessible website). To sell a real-world item, make a BOLT11 invoice, bring item to a safebox, lock it with appropriate keys and the invoice payment hash, give BOLT11 invoice to buyer. Buyer pays and gets proof-of-payment preimage, goes to safebox and gets item. Multi-way trades (A wants item from B, B wants item from C, C wants item from A) are just compositions of ZKCP.\n\n\u003e \n\u003e And yeah, I called it Schnorr-Eltoonicorn not only because it's sooooo\n\u003e \n\u003e pretty, but because actually capturing it will be a saga.\n\nBards shall sing about The Hunt for Schnorr-Eltoonicorn for ages, until Satoshi himself is but a vague memory of a myth long forgotten.\n\nRegards,\nZmnSCPxj",
"sig": "2b3f7bca45b8327c4d813cac224b99efae4d77cb1e6f74c6c22c3f4b60235a5df1b3948ecec0032fd7346b8dfb2ba6a3ba400cee478dd25f8b0117fbe970cf03"
}