Batch exchange withdrawal to lightning requires covenants

The email discusses a protocol described by Bastien, which aims to enable batched withdrawals. These withdrawals involve sending funds from an exchange directly to a list of users through channel funding outputs. The channels funding outputs are 2-of-2, meaning they require the cooperation of two lambda users or a lambda user and a LSP.There is a concern raised about the possibility of two users maliciously cooperating against the batch withdrawal transactions. This could be done by re-signing a CPFP (Child Pays For Parent) from the 2-of-2 and broadcasting the batch withdrawal as a higher-feerate package, and then evicting out the CPFP. This attack is referred to as a variant of a replacement cycling attack.The sender shares a link to a specific test that they believe matches the situation being discussed. The link points to non-deployed package acceptance code on GitHub: https://github.com/ariard/bitcoin/commit/19d61fa8cf22a5050b51c4005603f43d72f1efcfThe sender asks for confirmation if their understanding is correct or if they are missing any assumptions. They also agree with the assumptions made, such as the exchange not having an incentive to double-spend its own withdrawal transactions. Additionally, if all the batched funding outputs are shared with a LSP (Lightning Service Provider), the likelihood of malicious collusion is reduced.The email concludes with a farewell, which should be ignored in the summary.