📅 Original date posted:2018-11-05
📝 Original message:
Rusty,
In your proposal, I guess it is more or less widely known that Bob is
providing this forwarding service. Wouldn't Bob risk being excluded
from the side of the network with the more harsh regulatory conditions,
based on this knowledge? Bob might actually face even worse penalties
for providing such a service.
The nice thing about rendez-vous routing is that *any* forwarding node
can be a rendez-vous point, and even the node itself wouldn't know
about it. The case where a payment is routed from and to the same
channel could be a hint though: normally that makes no sense, but if
payer and payee make their part of the route independently, the
combined route can often end up like that. TODO: check if forwarding
nodes are currently cool with such weird forwarding requests.
CJP
Rusty Russell schreef op ma 05-11-2018 om 10:56 [+1030]:
> CJP <cjp at ultimatestunts.nl> writes:
> > > Looking through BOLT 4, the text assumes inherently that source
> > > routing is done, and even has a shared secret between hop and
> > > source. However, it may be possible in rendezvous routing to
> > > simply
> > > provide the blinding key (while hiding everything beyond the
> > > first
> > > hop on the destination half of the route).
> >
> > Sounds like it makes sense; I need to look into it.
>
> Here's my attempt to design a "merchant forward" service using stuff
> we
> have today.
>
> Alice wants to remain anonymous, even from the lightning
> network. Bob's
> node offers a forwarding service. Alice pays Bob (base +
> percentage?),
> gives a path Bob->Alice, and Bob gives Alice a short-channel-id
> (BobAliceSCID) and privkey to use (BobAliceSecretKey). Anything sent
> from Bob to this short channel id and pubkey is in fact forwarded via
> a
> new HTLC to Alice.
>
> Alice identity BobAliceKey to create an invoice, with a route-hint to
> say pubkey=Bob, short_channel_id=BobAliceSCID. Alice can sign
> that invoice, and Bob can decode the incoming payment, from which it
> creates a new HTLC to pay Alice. The payer doesn't even know this
> arrangement exists: it looks exactly like Alice has a private channel
> with Bob.
>
> The minor downside: because we conflate invoice keys (Alice needs)
> and
> onion keys (Bob needs), Bob can now issue invoices as Alice. It's
> not
> very useful, since Alice won't honor them, but it is an argument for
> a separate invoice key in future.
>
> Cheers,
> Rusty.
CJP [ARCHIVE] /
npub13q…cuzdm
2023-06-09 12:52:08
in reply to nevent1q…j0nm
Author Public Key
npub13q863scgpsaanrjhfn7dd4h48lgnupgkcs828arzj4pckrq8hh6s4cuzdmPublished at
2023-06-09 12:52:08Event JSON
{
"id": "8a65270401896bcce21cd94dafa75d0b8328076907f0fdd277d797d9452a65a1",
"pubkey": "880fa8c3080c3bd98e574cfcd6d6f53fd13e0516c40ea3f46295438b0c07bdf5",
"created_at": 1686315128,
"kind": 1,
"tags": [
[
"e",
"592517461d2388cb6daa0eaf59e03e4207dbca848edb9b0b5038bad8ed99bd4e",
"",
"root"
],
[
"e",
"1f914643644cd145a8985bc1d3ef46d60855ca9e6f1ff36e1da8ba4c3a5c807a",
"",
"reply"
],
[
"p",
"4505072744a9d3e490af9262bfe38e6ee5338a77177b565b6b37730b63a7b861"
]
],
"content": "📅 Original date posted:2018-11-05\n📝 Original message:\nRusty,\n\nIn your proposal, I guess it is more or less widely known that Bob is\nproviding this forwarding service. Wouldn't Bob risk being excluded\nfrom the side of the network with the more harsh regulatory conditions,\nbased on this knowledge? Bob might actually face even worse penalties\nfor providing such a service.\n\nThe nice thing about rendez-vous routing is that *any* forwarding node\ncan be a rendez-vous point, and even the node itself wouldn't know\nabout it. The case where a payment is routed from and to the same\nchannel could be a hint though: normally that makes no sense, but if\npayer and payee make their part of the route independently, the\ncombined route can often end up like that. TODO: check if forwarding\nnodes are currently cool with such weird forwarding requests.\n\nCJP\n\n\nRusty Russell schreef op ma 05-11-2018 om 10:56 [+1030]:\n\u003e CJP \u003ccjp at ultimatestunts.nl\u003e writes:\n\u003e \u003e \u003e Looking through BOLT 4, the text assumes inherently that source\n\u003e \u003e \u003e routing is done, and even has a shared secret between hop and\n\u003e \u003e \u003e source. However, it may be possible in rendezvous routing to\n\u003e \u003e \u003e simply\n\u003e \u003e \u003e provide the blinding key (while hiding everything beyond the\n\u003e \u003e \u003e first\n\u003e \u003e \u003e hop on the destination half of the route).\n\u003e \u003e \n\u003e \u003e Sounds like it makes sense; I need to look into it.\n\u003e \n\u003e Here's my attempt to design a \"merchant forward\" service using stuff\n\u003e we\n\u003e have today.\n\u003e \n\u003e Alice wants to remain anonymous, even from the lightning\n\u003e network. Bob's\n\u003e node offers a forwarding service. Alice pays Bob (base +\n\u003e percentage?),\n\u003e gives a path Bob-\u003eAlice, and Bob gives Alice a short-channel-id\n\u003e (BobAliceSCID) and privkey to use (BobAliceSecretKey). Anything sent\n\u003e from Bob to this short channel id and pubkey is in fact forwarded via\n\u003e a\n\u003e new HTLC to Alice.\n\u003e \n\u003e Alice identity BobAliceKey to create an invoice, with a route-hint to\n\u003e say pubkey=Bob, short_channel_id=BobAliceSCID. Alice can sign\n\u003e that invoice, and Bob can decode the incoming payment, from which it\n\u003e creates a new HTLC to pay Alice. The payer doesn't even know this\n\u003e arrangement exists: it looks exactly like Alice has a private channel\n\u003e with Bob.\n\u003e \n\u003e The minor downside: because we conflate invoice keys (Alice needs)\n\u003e and\n\u003e onion keys (Bob needs), Bob can now issue invoices as Alice. It's\n\u003e not\n\u003e very useful, since Alice won't honor them, but it is an argument for\n\u003e a separate invoice key in future.\n\u003e \n\u003e Cheers,\n\u003e Rusty.",
"sig": "81323b3ae26e00a33dc9d6b7eec2d3c8111c72b1dc557f873a635ff573e927fc77ca10a98ccdf51724c5a43929cf7bf508afe2aa1b5757e2a22deb9dac141a0c"
}