Pay-for-Elgamal-decryption-key and its application to Anonymous Credentials [combined summary]



Individual post summaries: Click here to read the original discussion on the lightning-dev mailing list

Published on: 2021-02-08T10:33:36+00:00


Summary:

The conversation focuses on the concept of making an exchange atomic in a commercial application to prevent malicious credential servers from selectively stealing money while appearing honest to others. The advantage of this idea is that payments for credentials are anonymous and indistinguishable from other payments. However, there are vulnerabilities in this anonymous credential scheme that can be exploited. Even in a trustful exchange with Lightning Network (LN), a malicious server can choose to be dishonest with a private channel connected to itself, leaving the victim without any proof of non-receipt of credentials. Additionally, even if the server acts honestly, users can falsely claim non-receipt of credentials, damaging the service's reputation. To address this, the blind-show protocol is suggested as a means to verify the server's honesty during credential presentation. Making the exchange atomic is deemed necessary for a commercial application to prevent exploitation of anonymity.

In a post to the Lightning-dev mailing list, Miyamoto proposes an idea for anonymous credentials utilizing ElGamal encryption and discrete-log selling on PTLC. This proposal involves selling both a discrete-log and an elliptic curve point that meets certain requirements, including KVAC used for WabiSabi and Signal app. Miyamoto provides protocols for two scenarios: paying for an ElGamal decryption key and paying for a Keyed Verification Anonymous Credential (KVAC). In both cases, buyers can purchase items anonymously without revealing their identity. Miyamoto believes that KVAC has significant potential as a building block for anonymous web apps due to its MAC-based construction, which offers better performance and easier security proofs compared to similar systems based on PKI-based anonymous credentials. However, the lack of an anonymous charging mechanism has hindered widespread usage of KVAC. Miyamoto suggests that LN-based payment and KVAC-based apps are well-suited for each other. Despite the potential benefits of exchanging credentials in this manner, challenges such as DoS protection and Sybil attacks still need to be addressed.

The article delves into the potential application of Discrete-Log selling on PTLC lightning, which can revolutionize the development of anonymity-focused applications using LN. The author presents protocols for paying for an ElGamal decryption key and paying for a Keyed Verification Anonymous Credential (KVAC). KVAC is seen as a promising building block for anonymous web apps due to its MAC-based construction, offering superior performance and easier security proofs compared to similar systems. However, the absence of an anonymous charging mechanism has limited its widespread adoption, leading to concerns regarding DoS protection and Sybil attacks. The combination of LN-based payment and KVAC-based apps can address these issues, making them suitable for granting server resource rights to users in an unlinkable fashion.

The author introduces an application of Discrete-Log selling on PTLC lightning that hasn't been extensively discussed. By utilizing ElGamal encryption, users can sell both a discrete-log and an elliptic curve point meeting specific requirements, including KVAC used in WabiSabi and Signal app. The author outlines protocols for paying for an ElGamal decryption key and paying for a Keyed Verification Anonymous Credential (KVAC). In the first protocol, the seller sells the decryption key without revealing the discrete log, while in the second protocol, the issuer sends an ElGamal encryption of KVAC to the buyer. The author believes that KVAC holds great potential as a foundational element for anonymous web apps, thanks to its MAC-based construction offering better performance and easier security proofs than similar PKI-based systems. However, the absence of anonymous charging mechanisms and concerns over Sybil attacks pose challenges for anonymous applications. To overcome these hurdles, the author suggests leveraging LN-based payment and KVAC-based apps.


Updated on: 2023-07-31T23:23:36.443932+00:00