Author: fiatjaf 2021-12-18 13:07:56
Published on: 2021-12-18T13:07:56+00:00
In a message to the Lightning-dev mailing list, Joost Jager asked for opinions on how to implement opt-in sender authentication in Lightning. He noted that while Lightning provides anonymity for senders, there are cases where authentication could be useful, such as chat over Lightning or donation payments where a donor may want to reveal themselves. Jager suggested using a custom record containing an ECDSA signature or deriving a shared secret using ECDH with the sender and receiver node keys and attaching a custom record to the payment containing the sender node key and an HMAC of the payment hash using the shared secret as a key.As a temporary solution, someone suggested using lnurl-rfc, which allows users to provide a lone pubkey, a domain-specific pubkey along with a signature of a challenge provided by the receiver, or an unauthenticated name or email within the BOLT11 payment request using the 'h' tag. It was noted that the sender identity doesn't need to be the actual node identity and could be an unrelated key specific to the service being paid for. The discussion sought technical opinions on the best way to implement opt-in sender authentication while considering cryptographic authentication and non-repudiation issues.
Updated on: 2023-06-03T07:03:04.514058+00:00