Author: Rusty Russell 2018-07-14 00:48:15
Published on: 2018-07-14T00:48:15+00:00
The discussion is about the application of sighash_noinput which allows a reduction in the number of stored signatures as it can spend any uxto with the respective one-use pub key script. However, it is being questioned whether privacy is being traded off in the case of watchtowers as they reveal which states are related. Eltoo is mentioned as it requires SIGHASH_NOINPUT which means that only the latest transaction is needed instead of a penalty tx for every state change. The txid_half + encrypted blob guarantees that nothing is learned about each state and how they relate unless a revocation must happen. On the other hand, it doesn't scale as it requires one blob per outsourced state. Once signatures are reused for multiple states with sighash_noinput, the question arises as to how information disclosure to a third party can be minimized. Although no full design has been done yet, encryption using the txid is suggested as a possible solution. A twist is that the watchtower may need to consider transactions that have already been spent by one or a chain of SIGHASH_NOINPUT transactions, but this is considered easy.
Updated on: 2023-05-25T01:49:02.507694+00:00