Author: Anthony Towns 2015-11-27 09:09:46
Published on: 2015-11-27T09:09:46+00:00
Nicolas Dorier suggests a method to open channels without being vulnerable to malleability attacks by adapting an idea from gmaxwell. The process involves A asking B for their pubkey, creating the first commitment transaction, and extracting the hash that B needs to sign to broadcast the commitment. A then asks B to sign the hash without disclosing the commitment, broadcasts the anchor, and after confirmation, announces the anchor to B. However, there is a potential risk for someone other than B to malleate the anchor between broadcast and confirmation. It is not possible for B to identify A's anchor before announcement because they do not know the P2SH of the multisig. Additionally, B cannot reuse pubkeys between different channels with this protocol. Using child-pays-for-parent (CPFP) seems plausible as a solution, but it does not work yet. Segregated witness appears to be a more likely solution.
Updated on: 2023-05-18T16:35:21.536158+00:00