Author: ZmnSCPxj 2018-04-17 06:14:37
Published on: 2018-04-17T06:14:37+00:00
The conversation between Conner and ZmnSCPxj is about the "encrypted blob" approach for watchtowers. ZmnSCPxj provides a link to an older mailing list thread that covers a variety of revocation schemes, including the encrypted blob approach. The encrypted blob approach involves sending an encrypted blob with a hint to the watchtower, which can be decrypted by the watchtower to assemble a justice transaction. ZmnSCPxj also shares recent investigations they have been conducting on watchtowers, including observations that can inform an efficient set of signatures to be included in the encrypted blobs. They note that the storage requirement for the watchtower is dominated by the number of HTLC signatures included in the encrypted blob, but suggest that the watchtower only needs to act if second stage transactions are confirmed. They propose a minimal solution that involves sending signatures for independent sweep transactions, allowing the watchtower to sweep each HTLC output individually. This approach is fairly efficient in preventing the attacker entirely from moving funds from the channel into their wallet with respect to the amount of data stored. All in all, the ability to sweep each HTLC independently is more-or-less a requirement given the complexity of how the on-chain state-space can manifest, especially if CLTVs have already expired.
Updated on: 2023-05-24T23:22:08.243027+00:00