š
Original date posted:2015-08-11
š Original message:
Hey Joseph,
thank you very much for your invaluable feedback!
Can you elaborate, why you think that the client is not able to close
the channel? I think this is a misunderstanding on your side, which
most of the rest of your post argues from. While there is a slight
favor for the server in the channel design, there is nothing what
prevents the client from broadcasting (and enforcing) the channel.
I will of course respect your inquiry - if you really mean it after
that misunderstanding - and stop calling it a Lightning Network
implementation as long as it does not provide the complete no-trust.
I have thought a lot about RBF, and it is definitely a problem with
this implementation.
2015-08-11 20:30 GMT+02:00 Joseph Poon <joseph at lightning.network>:
> Hi Mats,
>
> Interesting work on payment channels, I think a lot of the bitcoinj code
> can be used for further development as the necessary bitcoin softforks
> for LN are incorporated. A bitcoinj implementation for lightning would
> be great!
>
> On Tue, Aug 11, 2015 at 06:12:04PM +0200, Mats Jerratsch wrote:
>> I present you a implementation for a Lightning Network Payment-Hub +
>> Client. Everything is written in Java and can be accessed on
>
> Can you do me a big favor and not call this an implementation for
> Lightning Network, though? I would prefer some name like "payment
> channel networks" or something similar, as it's materially different in
> design and trust models. In particular, if exit scams occur, I don't
> want it to be associated with Lightning Network.
>
>> I made some changes to the channel design to have everything working
>> on the current Blockchain, without the need for softforks. Due to
>> that, the network is no longer no-trust, but low-trust. This will
>> change with the upcoming new OP_CODES.
>
> Yeah, a lot of the code can definitely be used for a full LN
> implementation when the opcodes come in for sure!
>
>> The provided wallet is just a prototype, I will focus on building a
>> potent backend in the future. There are many wallets out there
>> already, it will be much more useful if those add these
>> functionalities.
>
> Some quick feedback (might have more later):
> * I don't think a dual-Commitment structure is necessary if only one
> party can close out the channel. The purpose of having two Commitments
> is so that the payout structure is different. In this case, since only
> the server can broadcast the final balance (and the client has no way
> to close out the channel), only the B Commitment is necessary).
> * HTLCs have significant malleability risks with malicious servers
> (hostage scenarios).
> * If you presume full-RBF (which I think is a game-theoretic
> eventuality), clients can pay a higher fee to mutate the server's
> broadcast of the Commitment, which will result in the server's funds
> being held up permanently until the server is willing to negotiate
> (malleability hostage scenario).
> * Exit Scamming is a distinct and likely possibility. The server can
> develop a good reputation for a while, then decide to screw over
> everyone. The server refuses to do any further transactions in any
> channel which has funds in the clients favor (current channel balance
> for the client is above what was funded). With the timeout, the server
> gets the original deposit back, which is above what they should get
> back, in other words, the server steals your money.
> * This creates an asymmetric playing field. If one cannot be confident
> they will receive their funds back, this is similar to depositing your
> money on a hosted wallet such as Coinbase or whatever. The primary
> value of transacting on bitcoin is that the social costs of
> counterparty risks are minimized -- and counterparty risk is one of
> the primary inputs on interest rates (remove trust -> remove
> counterparty risk -> remove fees/interest). This can only exist if
> you're sufficiently willing to transact with nearly anyone (minimal
> underwriting).
>
>> Furthermore, as there are less everyday payments on the blockchain,
>> there is more space for important transactions of higher value.
>
> I agree that this is one of the primary values of payment channel based
> systems. To extend and take your point in a different direction, there
> is a risk if everyone uses blockchain transactions for every day
> purchases, that high-value transactions will crowd out low-value
> transactions. There is a tension that exists between the need for
> sufficiently high fees to pay miners (when the block rewards decline)
> and allowing low-fee transactions to be on-chain in a timely manner.
>
> --
> Joseph Poon
Mats Jerratsch [ARCHIVE] /
npub1hzā¦q5x8w
2023-06-09 12:43:57
in reply to nevent1qā¦e2qk
Author Public Key
npub1hz386xq4qszumlx5fsxa3kuxpaf8qvfrqqjg8zdl2l892hrcg55q6q5x8wPublished at
2023-06-09 12:43:57Event JSON
{
"id": "4d579490488391182fc634e2cc91760a884762efc14be4885c21180d9a246816",
"pubkey": "b8a27d18150405cdfcd44c0dd8db860f5270312300248389bf57ce555c784528",
"created_at": 1686314637,
"kind": 1,
"tags": [
[
"e",
"66681ffe7bd947a6d8c9a87dbb7582790b0efc37d305797619761486e2dc1149",
"",
"root"
],
[
"e",
"215c5e6c0a576bb8617328afca892f573921629b6b9d728e7bca1bfba747c068",
"",
"reply"
],
[
"p",
"ccb4cc87c455b74febaee5929cfd0726421b2eea64ad2b16440b68e8c7433211"
]
],
"content": "š
Original date posted:2015-08-11\nš Original message:\nHey Joseph,\n\nthank you very much for your invaluable feedback!\n\nCan you elaborate, why you think that the client is not able to close\nthe channel? I think this is a misunderstanding on your side, which\nmost of the rest of your post argues from. While there is a slight\nfavor for the server in the channel design, there is nothing what\nprevents the client from broadcasting (and enforcing) the channel.\n\nI will of course respect your inquiry - if you really mean it after\nthat misunderstanding - and stop calling it a Lightning Network\nimplementation as long as it does not provide the complete no-trust.\n\nI have thought a lot about RBF, and it is definitely a problem with\nthis implementation.\n\n2015-08-11 20:30 GMT+02:00 Joseph Poon \u003cjoseph at lightning.network\u003e:\n\u003e Hi Mats,\n\u003e\n\u003e Interesting work on payment channels, I think a lot of the bitcoinj code\n\u003e can be used for further development as the necessary bitcoin softforks\n\u003e for LN are incorporated. A bitcoinj implementation for lightning would\n\u003e be great!\n\u003e\n\u003e On Tue, Aug 11, 2015 at 06:12:04PM +0200, Mats Jerratsch wrote:\n\u003e\u003e I present you a implementation for a Lightning Network Payment-Hub +\n\u003e\u003e Client. Everything is written in Java and can be accessed on\n\u003e\n\u003e Can you do me a big favor and not call this an implementation for\n\u003e Lightning Network, though? I would prefer some name like \"payment\n\u003e channel networks\" or something similar, as it's materially different in\n\u003e design and trust models. In particular, if exit scams occur, I don't\n\u003e want it to be associated with Lightning Network.\n\u003e\n\u003e\u003e I made some changes to the channel design to have everything working\n\u003e\u003e on the current Blockchain, without the need for softforks. Due to\n\u003e\u003e that, the network is no longer no-trust, but low-trust. This will\n\u003e\u003e change with the upcoming new OP_CODES.\n\u003e\n\u003e Yeah, a lot of the code can definitely be used for a full LN\n\u003e implementation when the opcodes come in for sure!\n\u003e\n\u003e\u003e The provided wallet is just a prototype, I will focus on building a\n\u003e\u003e potent backend in the future. There are many wallets out there\n\u003e\u003e already, it will be much more useful if those add these\n\u003e\u003e functionalities.\n\u003e\n\u003e Some quick feedback (might have more later):\n\u003e * I don't think a dual-Commitment structure is necessary if only one\n\u003e party can close out the channel. The purpose of having two Commitments\n\u003e is so that the payout structure is different. In this case, since only\n\u003e the server can broadcast the final balance (and the client has no way\n\u003e to close out the channel), only the B Commitment is necessary).\n\u003e * HTLCs have significant malleability risks with malicious servers\n\u003e (hostage scenarios).\n\u003e * If you presume full-RBF (which I think is a game-theoretic\n\u003e eventuality), clients can pay a higher fee to mutate the server's\n\u003e broadcast of the Commitment, which will result in the server's funds\n\u003e being held up permanently until the server is willing to negotiate\n\u003e (malleability hostage scenario).\n\u003e * Exit Scamming is a distinct and likely possibility. The server can\n\u003e develop a good reputation for a while, then decide to screw over\n\u003e everyone. The server refuses to do any further transactions in any\n\u003e channel which has funds in the clients favor (current channel balance\n\u003e for the client is above what was funded). With the timeout, the server\n\u003e gets the original deposit back, which is above what they should get\n\u003e back, in other words, the server steals your money.\n\u003e * This creates an asymmetric playing field. If one cannot be confident\n\u003e they will receive their funds back, this is similar to depositing your\n\u003e money on a hosted wallet such as Coinbase or whatever. The primary\n\u003e value of transacting on bitcoin is that the social costs of\n\u003e counterparty risks are minimized -- and counterparty risk is one of\n\u003e the primary inputs on interest rates (remove trust -\u003e remove\n\u003e counterparty risk -\u003e remove fees/interest). This can only exist if\n\u003e you're sufficiently willing to transact with nearly anyone (minimal\n\u003e underwriting).\n\u003e\n\u003e\u003e Furthermore, as there are less everyday payments on the blockchain,\n\u003e\u003e there is more space for important transactions of higher value.\n\u003e\n\u003e I agree that this is one of the primary values of payment channel based\n\u003e systems. To extend and take your point in a different direction, there\n\u003e is a risk if everyone uses blockchain transactions for every day\n\u003e purchases, that high-value transactions will crowd out low-value\n\u003e transactions. There is a tension that exists between the need for\n\u003e sufficiently high fees to pay miners (when the block rewards decline)\n\u003e and allowing low-fee transactions to be on-chain in a timely manner.\n\u003e\n\u003e --\n\u003e Joseph Poon",
"sig": "60a349a4970b6035d4cbd0b7444374f4e4048eccfa7ee8ab98358865c64f9438ed613793a95818c27d7f766241f5167c1a65f2ade40b080047b6b5e40b14915c"
}