📅 Original date posted:2015-07-02
📝 Original message:
Hi Rusty and Stephen,
On Tue, Jun 30, 2015 at 05:33:00PM +0930, Rusty Russell wrote:
> Joseph's solution is that E can route a conditional refund back to A
> with a larger timeout (say 3 days) via some other route: this pays
> back the amount to A if they present the preimage for the initial
> stalled payment and another preimage A only has. This serves as a
> guarantee that E will not reveal the preimage required to take the
> stalled payment.
To clarify, this is only necessary if there is a routing failure when a
signed transaction has been sent but not acknowledged or cancellation is
refused.
For example, presume the prior route A->B->C->E. If C acknowledges B's
attempt to route but does not actually route after the signature has
been sent by B to C, then A and B are unsure whether C's computer has
gone offline or is acting maliciously. In that case, it's necessary for
E to send a "conditional refund" back to A. The reason A requires an
additional preimage/hash when doing the "conditional refund" is in case
the conditional refund itself fails.
However, the most likely case is the routing fails cleanly. If B is
unable to send to C because C has been offline or B otherwise refuses to
route to C, B can undo the HTLC by cancelling the HTLC entirely
(replacement with a new Commitment transaction state with A). This
cancellation can cascade back to the sender to free up the money. In the
event that the cancellation doesn't end up cascading back to the sender
(should be fairly rare), then A can get E to do the same E->D->A with
the same hash described in the previous example. Most routing failures
should end up being rollbacks.
> This raises other questions, such as who would pay E (and any other
> intermediate nodes) for locking up their money for such a time. Could
> A provide evidence that the route really had timed out? How many
> times can A claim "payment failed"? etc.
I'm assuming that the payment from A to E is split into many small
payments. If the payment is too small to be split up, then it's probably
cheap enough to not matter anyway (in most cases, waiting for expiration
is no big deal). Resolving incomplete payments should be deferred until
after the payment is sufficiently complete; E can have as a policy to
only send "conditional refunds" when she has received sufficient funds
from A (and A has paid for the time-value/fee of the refund). Since the
payment is likely source-routed, it is the responsibility for the sender
to pay for payment failure. The incentives are largely in favor of
receiver being online and accepting -- the recipient, is after all,
increasing the amount of bitcoin they own.
--
Joseph Poon
Joseph Poon [ARCHIVE] /
npub1ej…p9cq8
2023-06-09 12:43:31
in reply to nevent1q…dpx7
Author Public Key
npub1ej6vep7y2km5l6awukffelg8yeppkth2vjkjk9jypd5w336rxggs3p9cq8Published at
2023-06-09 12:43:31Event JSON
{
"id": "635c3e67683e4e217bb717667423bdffb63e92e84a41ac83eec519c9bfe4129f",
"pubkey": "ccb4cc87c455b74febaee5929cfd0726421b2eea64ad2b16440b68e8c7433211",
"created_at": 1686314611,
"kind": 1,
"tags": [
[
"e",
"196e6f16c10286053bb98332e16b93c95556ba52d6b40e0d8239621281383083",
"",
"root"
],
[
"e",
"fe2b96f574867ab83a64549041635a4a0bef7089dc64b9c176b40fb17051c88b",
"",
"reply"
],
[
"p",
"13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425"
]
],
"content": "📅 Original date posted:2015-07-02\n📝 Original message:\nHi Rusty and Stephen,\n\nOn Tue, Jun 30, 2015 at 05:33:00PM +0930, Rusty Russell wrote:\n\u003e Joseph's solution is that E can route a conditional refund back to A\n\u003e with a larger timeout (say 3 days) via some other route: this pays\n\u003e back the amount to A if they present the preimage for the initial\n\u003e stalled payment and another preimage A only has. This serves as a\n\u003e guarantee that E will not reveal the preimage required to take the\n\u003e stalled payment.\n\nTo clarify, this is only necessary if there is a routing failure when a\nsigned transaction has been sent but not acknowledged or cancellation is\nrefused.\n\nFor example, presume the prior route A-\u003eB-\u003eC-\u003eE. If C acknowledges B's\nattempt to route but does not actually route after the signature has\nbeen sent by B to C, then A and B are unsure whether C's computer has\ngone offline or is acting maliciously. In that case, it's necessary for\nE to send a \"conditional refund\" back to A. The reason A requires an\nadditional preimage/hash when doing the \"conditional refund\" is in case\nthe conditional refund itself fails.\n\nHowever, the most likely case is the routing fails cleanly. If B is\nunable to send to C because C has been offline or B otherwise refuses to\nroute to C, B can undo the HTLC by cancelling the HTLC entirely\n(replacement with a new Commitment transaction state with A). This\ncancellation can cascade back to the sender to free up the money. In the\nevent that the cancellation doesn't end up cascading back to the sender\n(should be fairly rare), then A can get E to do the same E-\u003eD-\u003eA with\nthe same hash described in the previous example. Most routing failures\nshould end up being rollbacks.\n\n\u003e This raises other questions, such as who would pay E (and any other\n\u003e intermediate nodes) for locking up their money for such a time. Could\n\u003e A provide evidence that the route really had timed out? How many\n\u003e times can A claim \"payment failed\"? etc.\n\nI'm assuming that the payment from A to E is split into many small\npayments. If the payment is too small to be split up, then it's probably\ncheap enough to not matter anyway (in most cases, waiting for expiration\nis no big deal). Resolving incomplete payments should be deferred until\nafter the payment is sufficiently complete; E can have as a policy to\nonly send \"conditional refunds\" when she has received sufficient funds\nfrom A (and A has paid for the time-value/fee of the refund). Since the\npayment is likely source-routed, it is the responsibility for the sender\nto pay for payment failure. The incentives are largely in favor of\nreceiver being online and accepting -- the recipient, is after all,\nincreasing the amount of bitcoin they own. \n\n-- \nJoseph Poon",
"sig": "8763084d060d7f0435101f317224610578d2a51eefd148dc0092bbe4af56b76b5d9caf69dd7b066bf040fa458532c990c10a435b20590ec10ba7022389e31608"
}