Author: Zooko Wilcox-OHearn 2015-09-22 01:27:03
Published on: 2015-09-22T01:27:03+00:00
In a discussion regarding requirements and desiderata, Rusty Russell explained the format of a route for onion routing. The route includes required bytes of data, which is decrypted by a node using its pubkey to reveal where the data should go next and how much fee can be taken. The nodes create the route backwards to calculate the size and then randomly pick a total size between 1024 and 4096, padding to that size with at least 32 bytes of random padding. Nodes can probe the route to guess the final destination, but there is no general fix for this issue. To prevent errors from leaking information to observers on the route, signing errors and using the 'sum' field as a secret key seems sensible. Overall, onion routing only provides limited protection against correlating HTLCs by R value.
Updated on: 2023-05-23T20:12:32.213493+00:00