📅 Original date posted:2018-11-04
📝 Original message:
Imagine a future where some powerful participant in the Lightning
network starts enforcing KyC requirements on Lightning nodes. It
requires its direct neighbors to reveal their identity or else closes
channels to them. Next, it asks its direct neighbors to reveal the
identity of their direct neighbors (or close their channels), with the
threat of either channel closure, or (using the now-known identity)
more extreme penalties.
I guess this would lead to a split of the Lightning network into a
compliant and a non-compliant part, with no ability to perform payments
between the two. If we want to keep the Lightning network inclusive,
anonymous and free of central authorities who can impose arbitrary
rules, this is an undesirable scenario.
The enabler of this scenario is the fact that, to allow source routing,
we need a public channel map of the network.
We have a sort-of-a counter measure called "private channels", which
are channels that exist, but whose existence is not published. A
private channel might bridge the gap between a compliant and a non-
compliant part of the network, but it has a problem: in order to allow
payments from one side to the other, the payer has to know about the
private channel. If there are lots of payers who have to cross the gap
and use the private channel, the existence of the private channel will
leak out sooner or later. The node owner on the compliant side of the
private channel, presumably having violated the rules by operating a
private channel, risks penalties. Therefore, I think private channels
are not a very suitable way to keep the network undivided and inclusive
and to bridge the gap between different regulatory/non-regulatory
domains.
I propose another solution: rendez-vous routing. The idea is that the
payee chooses one or more routes from certain third-party nodes in the
network to himself and passes sphinx-encrypted blobs for those routes
to the payer (for instance, as part of a payment request). The payer
completes the route by finding routes from himself to those third-party
nodes, and tries to perform the payment over these routes. Of course,
payee has to tell payer how many hops payer may add to a route,
somewhat revealing how much privacy payee wants for himself.
I believe this approach has the following properties:
* It is a superset of the regular approach to routing: the old approach
is simply the special case where payee defines 0 of the 20 hops.
* Payee may lead the route over private channels without revealing the
existence of those private channels to payers. Of course the private
channel still needs to be known to payee; it is probably most realistic
that such private channels are operated by payee himself.
* The payee node may still be a node inside the "compliant" section of
the network; it's just that nobody (not even payer) can see which node
it is. So, even when your node is linked to your identity, your
activities (even as payee) are not linked to your identity.
I guess we already discussed this before, but I just wanted to have a
clear place to discuss this idea, and I couldn't find any clear past
discussion about this in the mailing list.
There might be alternative approaches, such as not routing between
incompatible regulatory domains, but simply having nodes on each
network if you need to, and simply move funds on-chain between your
nodes whenever needed. That will require on-chain mixing though.
CJP
CJP [ARCHIVE] /
npub13q…cuzdm
2023-06-09 12:52:07
in reply to nevent1q…qe5g
Author Public Key
npub13q863scgpsaanrjhfn7dd4h48lgnupgkcs828arzj4pckrq8hh6s4cuzdmPublished at
2023-06-09 12:52:07Event JSON
{
"id": "b60a9c439ef076ca8cd659bdb55b6ed69255d598e1c78bb209dfd7373e31080b",
"pubkey": "880fa8c3080c3bd98e574cfcd6d6f53fd13e0516c40ea3f46295438b0c07bdf5",
"created_at": 1686315127,
"kind": 1,
"tags": [
[
"e",
"592517461d2388cb6daa0eaf59e03e4207dbca848edb9b0b5038bad8ed99bd4e",
"",
"reply"
],
[
"p",
"9456f7acb763eaab2e02bd8e60cf17df74f352c2ae579dce1f1dd25c95dd611c"
]
],
"content": "📅 Original date posted:2018-11-04\n📝 Original message:\nImagine a future where some powerful participant in the Lightning\nnetwork starts enforcing KyC requirements on Lightning nodes. It\nrequires its direct neighbors to reveal their identity or else closes\nchannels to them. Next, it asks its direct neighbors to reveal the\nidentity of their direct neighbors (or close their channels), with the\nthreat of either channel closure, or (using the now-known identity)\nmore extreme penalties.\n\nI guess this would lead to a split of the Lightning network into a\ncompliant and a non-compliant part, with no ability to perform payments\nbetween the two. If we want to keep the Lightning network inclusive,\nanonymous and free of central authorities who can impose arbitrary\nrules, this is an undesirable scenario.\n\nThe enabler of this scenario is the fact that, to allow source routing,\nwe need a public channel map of the network.\n\nWe have a sort-of-a counter measure called \"private channels\", which\nare channels that exist, but whose existence is not published. A\nprivate channel might bridge the gap between a compliant and a non-\ncompliant part of the network, but it has a problem: in order to allow\npayments from one side to the other, the payer has to know about the\nprivate channel. If there are lots of payers who have to cross the gap\nand use the private channel, the existence of the private channel will\nleak out sooner or later. The node owner on the compliant side of the\nprivate channel, presumably having violated the rules by operating a\nprivate channel, risks penalties. Therefore, I think private channels\nare not a very suitable way to keep the network undivided and inclusive\nand to bridge the gap between different regulatory/non-regulatory\ndomains.\n\nI propose another solution: rendez-vous routing. The idea is that the\npayee chooses one or more routes from certain third-party nodes in the\nnetwork to himself and passes sphinx-encrypted blobs for those routes\nto the payer (for instance, as part of a payment request). The payer\ncompletes the route by finding routes from himself to those third-party \nnodes, and tries to perform the payment over these routes. Of course,\npayee has to tell payer how many hops payer may add to a route,\nsomewhat revealing how much privacy payee wants for himself.\n\nI believe this approach has the following properties:\n* It is a superset of the regular approach to routing: the old approach\nis simply the special case where payee defines 0 of the 20 hops.\n* Payee may lead the route over private channels without revealing the\nexistence of those private channels to payers. Of course the private\nchannel still needs to be known to payee; it is probably most realistic\nthat such private channels are operated by payee himself.\n* The payee node may still be a node inside the \"compliant\" section of\nthe network; it's just that nobody (not even payer) can see which node\nit is. So, even when your node is linked to your identity, your\nactivities (even as payee) are not linked to your identity.\n\nI guess we already discussed this before, but I just wanted to have a\nclear place to discuss this idea, and I couldn't find any clear past\ndiscussion about this in the mailing list.\n\nThere might be alternative approaches, such as not routing between\nincompatible regulatory domains, but simply having nodes on each\nnetwork if you need to, and simply move funds on-chain between your\nnodes whenever needed. That will require on-chain mixing though.\n\nCJP",
"sig": "1149415d772604453dab47704e0cc5d677a5e8cd6197619ddc29022b5677e975f476741d9513cb850309adab836712cfe159887c0b78657d1e1f8d8d443019a0"
}