Why Nostr? What is Njump?
2023-06-09 12:40:09
in reply to

Lloyd Fournier [ARCHIVE] on Nostr: 📅 Original date posted:2021-06-13 📝 Original message: Hi Z, Thanks again for ...

📅 Original date posted:2021-06-13
📝 Original message:
Hi Z,

Thanks again for getting to the bottom of this. I think we are on the same
page except for one clarification:

On Tue, 8 Jun 2021 at 12:37, ZmnSCPxj <ZmnSCPxj at protonmail.com> wrote:


> Thus, in our model, we have the property that Bob can always recover all
> signatures sent by Alice, even if Carol is corrupted by Alice --- we model
> the signature-deletion attack as impossible, by assumption.
> (This is a strengthening of security assumptions, thus a weakening of the
> security of the scheme --- if Bob does not take the above mitigations, Bob
> ***is*** vulnerable to a signature-deletion attack and might have ***all***
> funds in hostage).
>

Only where ***all*** refers to the funds in the fast forward -- funds
consolidated into the channel balance are not at risk (modulo enforcing
correct state on chain).
I think it should be easy to get a stream of signatures so they can't be
deleted. The user "Bob" is creating and sending the invoices so they can
always demand and save the signatures from "Carol the Cashier" that
correspond to each payment so the "deletion attack" will be thwarted.

LL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20210613/fdeacd68/attachment.html>;
Author Public Key
npub1khlhcuz0jrjwa0ayznq2q9agg4zvxfvx5x7jljrvwnpfzngrcf0q7y05yp