Author: armdxxi 2022-01-31 04:59:53
Published on: 2022-01-31T04:59:53+00:00
Recent concerns have been raised about the exploitation of the tagged field in Bolt11 invoices, which provides a description of the transaction. This feature is being used by bad actors to exploit unsuspecting users in regulated spaces. KYC Node Verification companies like Bottlepay are forcing some users to verify their nodes by creating a specialized invoice that asks for personally identifiable information (PII) to be included in the description, which can then be stored and shared with 3rd parties, regulators, and governments. On the payment receiver side, a user may add a description for their reference later on, but given the current reliance on custodians today, these 3rd parties can see and store this information. This information collected in bulk will allow them to map out risk scores across the network, leading to censorship problems, and they may also share suspected node owners and their known transactions with malicious parties. One suggestion is to clearly communicate to users that the information put in invoices can be verified by 3rd parties and ideally, wallet developers should remove the description completely. Using the tagged field description hash h instead of description d might help, but there are UX considerations that may not solve the problem. It is recommended to save the description to the wallet database instead of putting it in the invoice. Payers should be provided with a similar description text box that may be saved in their database. The lack of description support will help hinder the ability for mass surveillance in the Lightning space.
Updated on: 2023-06-03T07:24:28.395964+00:00