📅 Original date posted:2015-08-11
📝 Original message:
Hi Mats,
Interesting work on payment channels, I think a lot of the bitcoinj code
can be used for further development as the necessary bitcoin softforks
for LN are incorporated. A bitcoinj implementation for lightning would
be great!
On Tue, Aug 11, 2015 at 06:12:04PM +0200, Mats Jerratsch wrote:
> I present you a implementation for a Lightning Network Payment-Hub +
> Client. Everything is written in Java and can be accessed on
Can you do me a big favor and not call this an implementation for
Lightning Network, though? I would prefer some name like "payment
channel networks" or something similar, as it's materially different in
design and trust models. In particular, if exit scams occur, I don't
want it to be associated with Lightning Network.
> I made some changes to the channel design to have everything working
> on the current Blockchain, without the need for softforks. Due to
> that, the network is no longer no-trust, but low-trust. This will
> change with the upcoming new OP_CODES.
Yeah, a lot of the code can definitely be used for a full LN
implementation when the opcodes come in for sure!
> The provided wallet is just a prototype, I will focus on building a
> potent backend in the future. There are many wallets out there
> already, it will be much more useful if those add these
> functionalities.
Some quick feedback (might have more later):
* I don't think a dual-Commitment structure is necessary if only one
party can close out the channel. The purpose of having two Commitments
is so that the payout structure is different. In this case, since only
the server can broadcast the final balance (and the client has no way
to close out the channel), only the B Commitment is necessary).
* HTLCs have significant malleability risks with malicious servers
(hostage scenarios).
* If you presume full-RBF (which I think is a game-theoretic
eventuality), clients can pay a higher fee to mutate the server's
broadcast of the Commitment, which will result in the server's funds
being held up permanently until the server is willing to negotiate
(malleability hostage scenario).
* Exit Scamming is a distinct and likely possibility. The server can
develop a good reputation for a while, then decide to screw over
everyone. The server refuses to do any further transactions in any
channel which has funds in the clients favor (current channel balance
for the client is above what was funded). With the timeout, the server
gets the original deposit back, which is above what they should get
back, in other words, the server steals your money.
* This creates an asymmetric playing field. If one cannot be confident
they will receive their funds back, this is similar to depositing your
money on a hosted wallet such as Coinbase or whatever. The primary
value of transacting on bitcoin is that the social costs of
counterparty risks are minimized -- and counterparty risk is one of
the primary inputs on interest rates (remove trust -> remove
counterparty risk -> remove fees/interest). This can only exist if
you're sufficiently willing to transact with nearly anyone (minimal
underwriting).
> Furthermore, as there are less everyday payments on the blockchain,
> there is more space for important transactions of higher value.
I agree that this is one of the primary values of payment channel based
systems. To extend and take your point in a different direction, there
is a risk if everyone uses blockchain transactions for every day
purchases, that high-value transactions will crowd out low-value
transactions. There is a tension that exists between the need for
sufficiently high fees to pay miners (when the block rewards decline)
and allowing low-fee transactions to be on-chain in a timely manner.
--
Joseph Poon
Joseph Poon [ARCHIVE] /
npub1ej…p9cq8
2023-06-09 12:43:56
in reply to nevent1q…2syl
Author Public Key
npub1ej6vep7y2km5l6awukffelg8yeppkth2vjkjk9jypd5w336rxggs3p9cq8Published at
2023-06-09 12:43:56Event JSON
{
"id": "215c5e6c0a576bb8617328afca892f573921629b6b9d728e7bca1bfba747c068",
"pubkey": "ccb4cc87c455b74febaee5929cfd0726421b2eea64ad2b16440b68e8c7433211",
"created_at": 1686314636,
"kind": 1,
"tags": [
[
"e",
"66681ffe7bd947a6d8c9a87dbb7582790b0efc37d305797619761486e2dc1149",
"",
"root"
],
[
"e",
"1e9c999ac01eee0ed50a3602b077d60a245b83b9ae642ab04e5192e207fe5927",
"",
"reply"
],
[
"p",
"b8a27d18150405cdfcd44c0dd8db860f5270312300248389bf57ce555c784528"
]
],
"content": "📅 Original date posted:2015-08-11\n📝 Original message:\nHi Mats,\n\nInteresting work on payment channels, I think a lot of the bitcoinj code\ncan be used for further development as the necessary bitcoin softforks\nfor LN are incorporated. A bitcoinj implementation for lightning would\nbe great!\n\nOn Tue, Aug 11, 2015 at 06:12:04PM +0200, Mats Jerratsch wrote:\n\u003e I present you a implementation for a Lightning Network Payment-Hub +\n\u003e Client. Everything is written in Java and can be accessed on\n\nCan you do me a big favor and not call this an implementation for\nLightning Network, though? I would prefer some name like \"payment\nchannel networks\" or something similar, as it's materially different in\ndesign and trust models. In particular, if exit scams occur, I don't\nwant it to be associated with Lightning Network.\n\n\u003e I made some changes to the channel design to have everything working\n\u003e on the current Blockchain, without the need for softforks. Due to\n\u003e that, the network is no longer no-trust, but low-trust. This will\n\u003e change with the upcoming new OP_CODES.\n\nYeah, a lot of the code can definitely be used for a full LN\nimplementation when the opcodes come in for sure!\n\n\u003e The provided wallet is just a prototype, I will focus on building a\n\u003e potent backend in the future. There are many wallets out there\n\u003e already, it will be much more useful if those add these\n\u003e functionalities.\n\nSome quick feedback (might have more later):\n* I don't think a dual-Commitment structure is necessary if only one\n party can close out the channel. The purpose of having two Commitments\n is so that the payout structure is different. In this case, since only\n the server can broadcast the final balance (and the client has no way\n to close out the channel), only the B Commitment is necessary).\n* HTLCs have significant malleability risks with malicious servers\n (hostage scenarios).\n* If you presume full-RBF (which I think is a game-theoretic\n eventuality), clients can pay a higher fee to mutate the server's\n broadcast of the Commitment, which will result in the server's funds\n being held up permanently until the server is willing to negotiate\n (malleability hostage scenario).\n* Exit Scamming is a distinct and likely possibility. The server can\n develop a good reputation for a while, then decide to screw over\n everyone. The server refuses to do any further transactions in any\n channel which has funds in the clients favor (current channel balance\n for the client is above what was funded). With the timeout, the server\n gets the original deposit back, which is above what they should get\n back, in other words, the server steals your money.\n* This creates an asymmetric playing field. If one cannot be confident\n they will receive their funds back, this is similar to depositing your\n money on a hosted wallet such as Coinbase or whatever. The primary\n value of transacting on bitcoin is that the social costs of\n counterparty risks are minimized -- and counterparty risk is one of\n the primary inputs on interest rates (remove trust -\u003e remove\n counterparty risk -\u003e remove fees/interest). This can only exist if\n you're sufficiently willing to transact with nearly anyone (minimal\n underwriting).\n\n\u003e Furthermore, as there are less everyday payments on the blockchain,\n\u003e there is more space for important transactions of higher value.\n\nI agree that this is one of the primary values of payment channel based\nsystems. To extend and take your point in a different direction, there\nis a risk if everyone uses blockchain transactions for every day\npurchases, that high-value transactions will crowd out low-value\ntransactions. There is a tension that exists between the need for\nsufficiently high fees to pay miners (when the block rewards decline)\nand allowing low-fee transactions to be on-chain in a timely manner.\n\n-- \nJoseph Poon",
"sig": "8ab562ffbf9298199052080529d3f7e36dd6363f8098ab9bfde80946f19188437ef16938cd975ecb8f57f41da3e55a6e1520ed8aca60bcc8456606cf55ec65b7"
}