Author: ZmnSCPxj 2020-02-11 14:15:59
Published on: 2020-02-11T14:15:59+00:00
ZmnSCPxj shared a reply from waxwing regarding the Venus Flytrap attack and JoinMarket. He explained that this issue did not occur in their use case because takers send out to 5-12 makers at once, and the HP2 only needs to be broadcast by one to stop any reuse. However, he acknowledged that it is a substantial attack in the Lightning Network case. Waxwing provided a brief summary of the taker-maker conversation mechanism in JoinMarket. The commitment value is sent by the taker to each maker, and if it is already used, it gets broadcast immediately. If not, it only gets shared after the next step. The mechanism is not very strong but serves to stop trivial global snooping without costing anything in terms of identity or locked funds. There could be a small time window between one maker receiving !auth and at least one other honest maker getting to the broadcast step at !ioauth, which is a theoretical concern. Waxwing promised to look into a new idea related to node-id and get back to them on that.
Updated on: 2023-06-02T22:58:44.300138+00:00