Published on: 2020-07-29T12:21:25+00:00
The Lightning Network operates on the principle that possession of a preimage serves as proof of payment. This is considered stronger evidence than simply relying on E's claim of not receiving anything. The chance of guessing the preimage is virtually impossible, making it highly unlikely for E to argue that they used a random hash without knowledge of the preimage. If E breaches the protocol by giving the preimage to C instead of claiming the money from D, it is seen as E's problem. Even if D testifies that E never settled the HTLC, it is improbable that E did not settle the incoming HTLC since they should have created a payment hash with knowledge of the preimage.In the case of the Wormhole attack, where two forwarding nodes coordinate to teleport the preimage from one to the other and bypass intermediate nodes, the fees that the skipped forwarding nodes should have earned for honestly forwarding are stolen. However, this attack does not affect the proof of payment. As long as A can acquire the preimage, they have evidence of payment, regardless of how they obtained it. Therefore, even if E claims to have been hacked by C and did not deliberately give the preimage, C would still be liable, and both C and E would gain nothing.To address the Wormhole attack, PTLCs (Probabilistic Time-Locked Contracts) and blinding factors are used. By employing blinding factors, E learns the total of all blinding factors and knows the final scalar but does not know the blinding factor delta from C to E. This prevents E from providing C with any information on how to claim the funds. Good invoices that are signed by E and clearly indicate who will receive the service or product are crucial in avoiding such attacks.In a conversation between Ankit Gangwal and others, a scenario is raised where A wants to send funds to E but lacks a direct payment channel. They utilize the Lightning Network and pass on the hash of a secret r from E to A through intermediaries B, C, and D. However, E breaches the protocol by disclosing the secret to C and not responding to D. C settles the HTLC with B and gives the secret to A, who then settles the HTLC with B. When A claims that E did not receive the money, the Lightning Network considers possession of the preimage as proof of payment. If E gave the preimage to someone else instead of claiming the money from D, it would be deemed E's problem, and A could pursue legal action. The possession of the preimage, which matches the signed payment hash from E, serves as stronger evidence that A has indeed paid, compared to E's claim of not receiving anything. The practically impossible nature of guessing the preimage further supports the validity of A's payment.
Updated on: 2023-07-31T22:57:59.952727+00:00