Author: ZmnSCPxj 2021-07-06 00:09:25
Published on: 2021-07-06T00:09:25+00:00
In the context of Lightning channels, if one party loses their key in a boating accident, the other party has every incentive to unilaterally close the channel, which reveals the exact amounts. This is why custodian proof-of-reserves is not popular as it only proves that the funds were owned under a particular key at some snapshot of the past and does not prove that the key will not get lost later. ZmnSCPxj explains that every channel is anchored on-chain, and the anchor (the funding txout) is proof of the existence and size of the channel. The two participants in the channel can sign plaintext containing their node pubkeys and how much each owns. One of the participants should provably be the custodian. If the counterparty is a true third party, it has no incentive to lie about its money. If the counterparty is another custodian who wants proof-of-reserves, it has every incentive to overreport but then the first party will refuse to sign. It has a disincentive to underreport and would refuse to sign a dishonest report that assigns more funds to the first party. However, there are possible race conditions where a custodian Lightning node is unable to "freeze" a snapshot of its current state and make an atomic proof-of-reserves of all channels due to network latency.
Updated on: 2023-06-15T00:07:57.326233+00:00