Author: Nadav Kohen 2019-07-26 15:43:27
Published on: 2019-07-26T15:43:27+00:00
A Payment-Atomic Information Decryption (PAID) API has been documented and is currently functional on testnet, with plans to be implemented on mainnet within a week. The API implements the original proposal and will be iterated on to include amendments. An example client for querying the API and decrypting returned data using pre-image recovery has been provided in the form of a GitHub repository. Discussion on the Lightning-dev mailing list has focused on the security implications of APIs that require payment, with one suggestion being to purchase an upfront auth token to allow access for a set time and number of requests. Another suggestion was to pay per request for larger data payloads. The benefits of the PAID API include reducing client-server interaction for REST APIs while ensuring payment to the merchant, with atomicity to transactions. However, concerns have been raised about the potential for clients to perform denial-of-service attacks by repeatedly requesting data without paying.
Updated on: 2023-06-02T19:08:58.707418+00:00