Author: Martin Habovštiak 2022-01-31 15:10:22
Published on: 2022-01-31T15:10:22+00:00
The Lightning Network is facing similar AOPP concerns as Bitcoin, with companies like Bottlepay forcing some users to verify their node by creating a specialized invoice that asks for PII in the description and gives the signed invoice to the service. This issue has lasting effects if this practice were to scale out to all providers, as the Lightning Network is a reputation-based system without an easy way to handle rotations. Additionally, unsolicited users are unknowingly signing statements with their node, allowing bad actors to exploit them in the regulated space. On the payment receiver side, users may add a description for their reference later on. However, given the current reliance on custodians today, these third parties can see and store this information, which could reveal some pretty revealing information if exchanges are relaying invoices to chain analytic companies. This information collected in bulk will allow them to map out risk scores across the network, leading to censorship problems. In the end, users may just want to tag the invoice and store it internally for their reference. Using the tagged field description hash h instead of description d might help, but there are a few problems. For one, there's a transport problem that's not handled by the BOLT11 specification. Further, a salt would need to be added to descriptions for common payment reasons not to be guessed. My suggestion is to save the description to the wallet database instead of putting it in the invoice. Removing the ability for users to shoot themselves in the foot is necessary, and this can happen at the application layer today by removing descriptions from wallets. The lack of description support will help hinder the ability for mass surveillance in the Lightning space.
Updated on: 2023-06-03T07:24:59.957731+00:00