Author: Matt Corallo 2021-10-13 16:57:57
Published on: 2021-10-13T16:57:57+00:00
In a recent conversation, ZmnSCPxj suggested using PTLCs as an obvious solution for adding random nonce to the PTLC payments. By doing so, the sender and lnurl endpoint would need to collude to steal the funds. However, ZmnSCPxj was looking for suggestions that could fix this issue without using PTLCs. Matt suggested using two hashes in an HTLC instead of one, where the second hash is from a preimage the sender generates and sends (encrypted via onion) to the receiver. This method could also replace payment_secret in invoices and provide similar protection against forwarding nodes probing. Matt also pointed out that every hop along the path would need to be informed about this construction and adapted to handle it. Therefore, if every node in the path needs to be adapted, then using PTLCs might be a better option.
Updated on: 2023-05-23T16:40:06.905728+00:00