Published on: 2018-12-22T14:38:21+00:00
The conversation between ZmnSCPxj and Jose revolves around finding ways to streamline the process of invoice replenishment for service-based machines, such as vending machines. ZmnSCPxj suggests using a cheap EEPROM to store several hundred thousand invoices and replenishing them at each checkup. However, they acknowledge that the person who replenishes the machine is typically not a technician, so they propose adding instructions to make the process easier.The conversation then shifts to payment decorrelation and the discussion of moving to points and scalars to fix the issue. This would eliminate the need for storing invoices in offline machines and allow for hierarchical derivation. They also discuss the advantages and disadvantages of two proposals, one allowing for an initial configuration with a shared secret and the other requiring a standard wallet and intermittent connectivity. The second proposal's drawback is the logistical challenge of replenishing hashes into offline vending machines.The conversation touches on other topics such as price changes, static QR codes, privacy, and security. Both systems are vulnerable to hacking, especially with physical access to the machine. The importance of having standards to increase usability is highlighted, and Rusty's proposal for static offers is mentioned.In an email conversation, ZmnSCPxj proposes a piggybacking scheme for vending machines and toll booths. This scheme allows the vending machine to only send the product or service ID to the remote Lightning Network Node, while the price can be adjusted in real time. Concerns are raised about selling products with fluctuating BTC value, but ZmnSCPxj states that they sell products with fixed BTC value, and because BTC is deflationary, the value of the product will never change. Technicians still need to periodically check the machines for mechanical damage or attempts to pay via crowbar to ensure invoices can be replenished with up-to-date prices, minimizing risk. Static QR codes are considered unimportant as long as the invoice can be generated at the vending machine and a QR code is shown for payment and product claim.In another email conversation between Jose and ZmnSCPxj, they discuss the advantages and disadvantages of using standard versus modified wallets for LN payments. ZmnSCPxj argues that standard wallets are more desirable as modifications can be dangerous and increase overall effort. They also address logistical concerns around replenishing offline vending machines, with ZmnSCPxj proposing a system that only requires an initial configuration of the machine with a shared secret for unlimited payments. Jose raises concerns about handling price changes, static QR codes, privacy, and security. ZmnSCPxj suggests using Rusty's proposal for static offers and payment decorrelation to address these concerns.The proposed solution to the problem of offline devices sharing a secret with an online LN Node involves the online node preparing invoices where the first six digits of the preimages are restricted to decimal digits and the succeeding 58 digits are a salt. The offline vending machine stores the payment hash, salt, and invoice signature from the online node. When a customer wants to purchase an item, the machine presents an unclaimed invoice and instructs the customer to enter the first six digits of the payment preimage. The machine matches the digits with its list of unclaimed invoices, and if successful, the invoice is marked as used and the product is dispensed.Another scheme proposed is for offline payments, involving an offline device and an online LN Node sharing a common secret seed. Both devices independently calculate the same per_transaction_secret (PIN), which is encrypted within the payment_preimage by the LN Node and sent to the LN Wallet. Upon payment, the LN Wallet decrypts and shows the PIN to the user, who provides it to the offline device for verification. A standard is needed for every compliant wallet to know how to decode and present this information to the user.Overall, the conversations explore various solutions and considerations to improve the efficiency and security of invoice replenishment for service-based machines using LN payments.
Updated on: 2023-07-31T21:09:48.167030+00:00