Author: Rusty Russell 2016-08-10 10:39:50
Published on: 2016-08-10T10:39:50+00:00
In a discussion about the Lightning Network, Tadge Dryja suggests using HMAC to compare transactions against the key-value store. While this method works for watching one channel with many states, it becomes inefficient when watching multiple channels, as it would require one million HMAC operations for every incoming transaction. However, by putting all the watched txids into the same tree and using seek access time, the CPU and I/O cost per incoming transaction remains constant regardless of the number of separate channels being watched. The watcher also needs preimage, pubkeys, a signature, OP_CSV delay amounts for each side, and HTLCs. To optimize privacy/data tradeoff, the watcher can gather HTLCs from previous requests and see which ones are required. The signature is not recommended as a key for reconstructing messages, but changing pubkeys every step isn't required if using Laolu's key-revocation scheme instead of shachain/elkrem.
Updated on: 2023-05-24T00:15:02.518983+00:00