📅 Original date posted:2020-03-10
📝 Original message:
ZmnSCPxj <ZmnSCPxj at protonmail.com> writes:
> Good morning Rusty, et al.,
>
>
>> Note that this means no payment secret is necessary, since the incoming
>> `blinding` serves the same purpose. If we wanted to, we could (ab)use
>> payment_secret as the first 32-bytes to put in Carol's enc1 (i.e. it's
>> the ECDH for Carol to decrypt enc1).
>
> I confess to not reading everything in detail, but it seems to me that, with payment point + scalar and path decorrelation, we need to establish a secret with each hop anyway (the blinding scalar for path decorrelation), so if you need a secret per hop, possibly this could be reused as well?
Indeed, this could be used the same way, though for that secret it can
simply be placed inside the onion rather than passed alongside.
Cheers,
Rusty.
Rusty Russell [ARCHIVE] /
npub1zw…hkhpx
2023-06-09 12:59:16
in reply to nevent1q…qg80
Author Public Key
npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpxPublished at
2023-06-09 12:59:16Event JSON
{
"id": "0d6fe146017975447c15d4c8de267373aae976a39cc5d9bf398ddf33718767e5",
"pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425",
"created_at": 1686315556,
"kind": 1,
"tags": [
[
"e",
"bdf43e4bc08687232ed81714c7a2374ed959a034fef2fe272a2bb53b5a09849b",
"",
"root"
],
[
"e",
"f9fa8d129361ef443b8f678f94a145868ebb1bf7a6069971ac7ac8a0e04711af",
"",
"reply"
],
[
"p",
"4505072744a9d3e490af9262bfe38e6ee5338a77177b565b6b37730b63a7b861"
]
],
"content": "📅 Original date posted:2020-03-10\n📝 Original message:\nZmnSCPxj \u003cZmnSCPxj at protonmail.com\u003e writes:\n\u003e Good morning Rusty, et al.,\n\u003e\n\u003e\n\u003e\u003e Note that this means no payment secret is necessary, since the incoming\n\u003e\u003e `blinding` serves the same purpose. If we wanted to, we could (ab)use\n\u003e\u003e payment_secret as the first 32-bytes to put in Carol's enc1 (i.e. it's\n\u003e\u003e the ECDH for Carol to decrypt enc1).\n\u003e\n\u003e I confess to not reading everything in detail, but it seems to me that, with payment point + scalar and path decorrelation, we need to establish a secret with each hop anyway (the blinding scalar for path decorrelation), so if you need a secret per hop, possibly this could be reused as well?\n\nIndeed, this could be used the same way, though for that secret it can\nsimply be placed inside the onion rather than passed alongside.\n\nCheers,\nRusty.",
"sig": "7c20ab1c2a7d25588fb0bedd70fd3255dbf0d01db6f104bfc7e56046098a2c7e056932fc4f1dd3aaf3196d6a7b7f843c01a573a713d63464106ae691ecc4c3f8"
}