Author: ZmnSCPxj 2021-07-06 04:54:11
Published on: 2021-07-06T04:54:11+00:00
In a conversation between ZmnSCPxj and Billy on the bitcoin-dev mailing list, they discussed the possibility of proving balances held on the Lightning network. They suggested that every channel is anchored on-chain, and the two participants can sign a plaintext containing their node pubkeys and the amount each owns. However, this balance attestation is only valid at the instant it is taken and cannot be used as verification that the money is still owned by the same channel partner in the next second. The ownership of funds is conditional on knowledge of keys, which is easily copyable, making it possible that the funds proven to be the reserve of a custodian are actually also owned by someone else who has gotten to the private keys. Moreover, custodian proof-of-reserves is not that popular because it only proves that the funds were owned under a particular key at some snapshot of the past but does not prove that the key will not be lost later. There is no way to prove that there is no alternate copy of the private keys, hence "if only one could prove that he won't get into a boating accident". ZmnSCPxj also pointed out that a more practical problem is that Lightning channel states change fairly quickly, and there are possible race conditions due to network latency where a custodian Lightning node is unable to "freeze" a snapshot of its current state and make an atomic proof-of-reserves of all channels. Although if funds do get lost, it would become clear far quicker than today, where an insolvent company could go many months without the public finding out.
Updated on: 2023-06-15T00:11:34.851257+00:00