📅 Original date posted:2016-01-29
📝 Original message:
CJP <cjp at ultimatestunts.nl> writes:
>> I'm sure I've missed things; what are they?
>
> The lazy answer is to tell you to read the Amiko Pay protocol
> description.[1] :-P Note that it is (of course) already outdated. To
> give you some of the concept choices in there:
>
> * Transport layer: TCP. We don't need its retransmission features (since
> it's not good enough and we'll re-implement it in a higher layer), but
> unlike UDP it works well over TOR.
Agreed. I've implemented TCP for the moment, but am not making any
assumptions about it for protocol design.
> * Serialization: JSON, with some conventions added on top of it, e.g.
> for more efficient transfer of binary data. It is bloated, but easily
> debuggable and easily extensible. Good for prototypes, maybe not so good
> for high-performance production code.
Agreed. I think I'd like something better for a protocol definition,
but it's nice for prototyping.
> * Message confirmation: this is done manually (instead of relying on
> TCP), so that a node knows which messages were received / need to be
> re-transmitted, even after a crash + restart.
I think the protocol itself needs to be robust against retransmissions.
There's no way to know if the other side received your acknowledgement
before a crash, so you will always need to handle duplication on
re-establishment.
> * There is not only two-way communication between linked peers, but also
> between payer and payee. This is necessary for Amiko Pay's
> bi-directional routing, but also useful e.g. for transmitting meta-data
> that doesn't fit in a QR code. Amiko Pay transmits an arbitrary-contents
> "receipt" from payee to payer; in the future, this might be digitally
> signed by the payee, as a "proof of transfer of ownership" of
> non-cryptographic goods.
I agree. There's room in the initial onion design for payer -> payee
messages, but we don't have a channel for responses.
I can't see an easy way to implement the payee --> payer comms reliably:
to be reliable it would have to be published on-chain in the commit tx.
(Which we could do by constructing HTLCs such that they require a blob
signed by the payee, but that's tracable ...).
Mats and Laolu wanted to add an arbitrary comms protocol layer, but I
think that's something we can defer.
> * Bi-directional routing: both payer and payee route towards a "meeting
> point". This way, neither payer nor payee has to have a routable address
> on the network. This is good for both payer and payee privacy; also, in
> case of a semi-centralized network with a couple of large hubs, this
> allows the network to grow without the large hubs noticing it, both in
> payer and in payee direction.
Yes, I've totally punted on routing and fees. This idea merges well
with the idea of randomly selecting a handful of "beacons", which I've
toyed with in the past.
> * Multiple channels per link: useful to be able to route transactions
> the usual way while one of the channels is (temporarily) closed. It's
> also the easy way of adding more funds to an existing link, or funds
> from both sides.
For the moment this is done with separate connections, though it would
be fairly trivial to multiplex over a single transport.
> * Different channel classes: the micro-transaction design, and its
> implications on what info needs to be transferred in which situations,
> is a separate, higher-level protocol layer on top of a more generic
> protocol that takes care of routing.
Yes, and we can't really finalize the lower-level implementation until
we have the upper parts anyway...
> * Reserving before locking: this is an optimization, to reduce the risk
> of locking funds in payment channels on a part of the route, and then
> having to undo the locking when it turns out that the remaining part of
> the route doesn't exist (anymore). Reserving is an informal(*),
> temporary locking of funds for use in the transaction, and can be done
> and undone very fast, without any channel operations. It is done
> together with route searching + establishment.
I think that trades one DoS for another, though. It saves cryptographic
constructs, but latency is the real cost, and this increases it.
Of course, we'll have to revisit that if the network in practice proves
subject to these problems...
> PS. Don't trust a protocol spec that doesn't have an implementation,
> since it's probably missing a couple of essential things. Don't use an
> implementation that doesn't have a protocol spec, since you're likely to
> run into future compatibility issues.
Rough consensus and running code, indeed.
Thanks,
Rusty.
Rusty Russell [ARCHIVE] /
npub1zw…hkhpx
2023-06-09 12:45:36
in reply to nevent1q…85tf
Author Public Key
npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpxPublished at
2023-06-09 12:45:36Event JSON
{
"id": "27650fbffa27a4c5b8f6a2d27f3b96aa36d26ab9aa57bed9ec366ef3845b4695",
"pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425",
"created_at": 1686314736,
"kind": 1,
"tags": [
[
"e",
"1a61101c4617aecbef63f89e90e92d029874cb7e068b2b0dce3ecb1bf14d55f8",
"",
"root"
],
[
"e",
"3d16b4d63a6046047419981ed441960c1d887db841ad20a99b3478ec8091b6d1",
"",
"reply"
],
[
"p",
"880fa8c3080c3bd98e574cfcd6d6f53fd13e0516c40ea3f46295438b0c07bdf5"
]
],
"content": "📅 Original date posted:2016-01-29\n📝 Original message:\nCJP \u003ccjp at ultimatestunts.nl\u003e writes:\n\u003e\u003e I'm sure I've missed things; what are they?\n\u003e\n\u003e The lazy answer is to tell you to read the Amiko Pay protocol\n\u003e description.[1] :-P Note that it is (of course) already outdated. To\n\u003e give you some of the concept choices in there:\n\u003e\n\u003e * Transport layer: TCP. We don't need its retransmission features (since\n\u003e it's not good enough and we'll re-implement it in a higher layer), but\n\u003e unlike UDP it works well over TOR.\n\nAgreed. I've implemented TCP for the moment, but am not making any\nassumptions about it for protocol design.\n\n\u003e * Serialization: JSON, with some conventions added on top of it, e.g.\n\u003e for more efficient transfer of binary data. It is bloated, but easily\n\u003e debuggable and easily extensible. Good for prototypes, maybe not so good\n\u003e for high-performance production code.\n\nAgreed. I think I'd like something better for a protocol definition,\nbut it's nice for prototyping.\n\n\u003e * Message confirmation: this is done manually (instead of relying on\n\u003e TCP), so that a node knows which messages were received / need to be\n\u003e re-transmitted, even after a crash + restart.\n\nI think the protocol itself needs to be robust against retransmissions.\nThere's no way to know if the other side received your acknowledgement\nbefore a crash, so you will always need to handle duplication on\nre-establishment.\n\n\u003e * There is not only two-way communication between linked peers, but also\n\u003e between payer and payee. This is necessary for Amiko Pay's\n\u003e bi-directional routing, but also useful e.g. for transmitting meta-data\n\u003e that doesn't fit in a QR code. Amiko Pay transmits an arbitrary-contents\n\u003e \"receipt\" from payee to payer; in the future, this might be digitally\n\u003e signed by the payee, as a \"proof of transfer of ownership\" of\n\u003e non-cryptographic goods.\n\nI agree. There's room in the initial onion design for payer -\u003e payee\nmessages, but we don't have a channel for responses.\n\nI can't see an easy way to implement the payee --\u003e payer comms reliably:\nto be reliable it would have to be published on-chain in the commit tx.\n(Which we could do by constructing HTLCs such that they require a blob\nsigned by the payee, but that's tracable ...).\n\nMats and Laolu wanted to add an arbitrary comms protocol layer, but I\nthink that's something we can defer.\n\n\u003e * Bi-directional routing: both payer and payee route towards a \"meeting\n\u003e point\". This way, neither payer nor payee has to have a routable address\n\u003e on the network. This is good for both payer and payee privacy; also, in\n\u003e case of a semi-centralized network with a couple of large hubs, this\n\u003e allows the network to grow without the large hubs noticing it, both in\n\u003e payer and in payee direction.\n\nYes, I've totally punted on routing and fees. This idea merges well\nwith the idea of randomly selecting a handful of \"beacons\", which I've\ntoyed with in the past.\n\n\u003e * Multiple channels per link: useful to be able to route transactions\n\u003e the usual way while one of the channels is (temporarily) closed. It's\n\u003e also the easy way of adding more funds to an existing link, or funds\n\u003e from both sides.\n\nFor the moment this is done with separate connections, though it would\nbe fairly trivial to multiplex over a single transport.\n\n\u003e * Different channel classes: the micro-transaction design, and its\n\u003e implications on what info needs to be transferred in which situations,\n\u003e is a separate, higher-level protocol layer on top of a more generic\n\u003e protocol that takes care of routing.\n\nYes, and we can't really finalize the lower-level implementation until\nwe have the upper parts anyway...\n\n\u003e * Reserving before locking: this is an optimization, to reduce the risk\n\u003e of locking funds in payment channels on a part of the route, and then\n\u003e having to undo the locking when it turns out that the remaining part of\n\u003e the route doesn't exist (anymore). Reserving is an informal(*),\n\u003e temporary locking of funds for use in the transaction, and can be done\n\u003e and undone very fast, without any channel operations. It is done\n\u003e together with route searching + establishment.\n\nI think that trades one DoS for another, though. It saves cryptographic\nconstructs, but latency is the real cost, and this increases it.\n\nOf course, we'll have to revisit that if the network in practice proves\nsubject to these problems...\n\n\u003e PS. Don't trust a protocol spec that doesn't have an implementation,\n\u003e since it's probably missing a couple of essential things. Don't use an\n\u003e implementation that doesn't have a protocol spec, since you're likely to\n\u003e run into future compatibility issues.\n\nRough consensus and running code, indeed.\n\nThanks,\nRusty.",
"sig": "c2cfdeff368b72972b0df364cb9f77299e86bdf9370d88446771f585b024dec2cd8f4921dd76aae9437c8979f730e906f68ff1b4a3c6591338efae745ef6a3fe"
}