The Ark case for CTV

In the context of receiving Lightning payments in Ark, the conversation delves into the intricacies of utilizing CheckTemplateVerify (CTV) for enhancing the security and efficiency of such transactions. The primary focus lies on mitigating Denial of Service (DoS) attacks that could arise when receivers participate in transaction rounds without contributing any stakes. This scenario is particularly problematic as it exposes the system to potential abuse by malicious actors who might fail to reveal preimages, a critical component in the transaction process.

CTV emerges as a pivotal solution by obviating the need for receiver participation in rounds, thus significantly reducing the vulnerability to DoS attacks. However, the discussion also highlights an inherent risk associated with the non-revelation of preimages, irrespective of whether multisig or CTV mechanisms are employed. This risk pertains to the ability of a receiver to withhold the preimage, thereby jeopardizing the completion of the transaction.

The dialogue further explores strategies currently employed to address similar challenges within Just-In-Time (JIT) channels, as detailed in resources from BitcoinOps and their newsletters. Notably, two approaches are identified: one involving considerable trust in the Lightning Service Provider (LSP), where the receiver discloses their preimage before the channel funding transaction is confirmed, and another that entails minimal trust, where the payment is bifurcated into two invoices. The first invoice covers the payment itself, while the second serves as a prepayment for signing a funding transaction. This arrangement ensures that even if the LSP acts maliciously, they can only abscond with the amount specified in the prepayment invoice, thus safeguarding the larger payment amount.

The discussion suggests that both aforementioned methods, which hinge on varying degrees of trust in the LSP, could be seamlessly integrated with CTV to facilitate the receipt of LN payments in Ark. These approaches effectively place funds at stake, ensuring that users can safely participate in rounds without posing a DoS threat. Furthermore, their active involvement and requisite signatures provide added security, ensuring that once a round concludes with suitable confirmation depth, the received funds remain secure against unauthorized access by the Ark server.

Lastly, the conversation acknowledges that while CTV introduces significant improvements, it does not inherently alter the fundamental dynamics of trust or the risks associated with the non-disclosure of preimages. Regardless of the protective measures implemented, the potential for an abuser to lock up server liquidity by failing to reveal a preimage remains a concern that necessitates further consideration and mitigation strategies.