Author: Rusty Russell 2021-12-03 02:59:40
Published on: 2021-12-03T02:59:40+00:00
Matt Corallo suggests that PTLCs can be used to solve the problem of correlation in onion routing. He proposes that a random nonce * G should be added by the sender to each PTLC payment, and the recipient should receive a random nonce in the onion. This should be done for every PTLC payment. The hops in bolt12 have unique tweaks derived from the onion share secret which needs to be addressed.In bolt12, there is an added problem for tipping cases where each invoice contains an amount, so pre-printing amountless invoices is not possible. To address this, Rusty suggests a generic authorization mechanism where the offer contains a fallback node. The fallback returns either an invoice signed by the expected node or one signed by itself along with an authorization from the expected node. The authorization may be for a particular offer, amount, or have an expiry. This approach lets users choose their trust model. The fallback node can also provide an onion message notification service when the real node comes back, which avoids polling.
Updated on: 2023-06-03T06:24:07.122922+00:00