Author: Alejandro Ranchal Pedrosa 2019-04-21 02:33:07
Published on: 2019-04-21T02:33:07+00:00
In an email conversation, ZmnSCPxj and Alejandro discussed a potential solution to mitigate an attack on the sub-factory. However, there are concerns that this solution may trigger a race condition between the valid state of the sub-factory and the new state of the channel. Additionally, Alice and Bob might still be interested in stealing from Carol even if they lose the race, especially if the stolen funds are more. ZmnSCPxj suggested using the mechanism of Discrete Log Contracts where an Oracle is enforced to reveal its private key if it publishes multiple signatures signing different messages for a particular sampling. This can ensure that a public key is used only once. He proposed that if Alice and Bob sign an alternate transaction spending the A,B output, they also reveal to Carol the private key, allowing her to punish this behavior by burning the A,B output and sending it all as fees to miners. However, this solution may not be sufficient if the A,B channel is very small in capacity since Alice and Bob may be willing to sacrifice it in exchange for stealing larger amounts from Carol.
Updated on: 2023-06-02T18:22:50.858114+00:00