lightning-dev
OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely
Posted on: November 14, 2023 19:50 UTC
In discussing the intricacies of Lightning Network channels and their associated risks, a notable distinction was made between revoked states and Hash Time-Locked Contracts (HTLCs).
Revoked states are fraudulent and carry a high risk of loss if detected, which is why they are integral to punishment-based protocols. It was suggested that there may be room for improvement in security regarding these issues.
The economics of Lightning channels were emphasized, particularly how fees should represent only a small fraction of the channel's total value to be practical for general routing. An attack involving HTLCs where miners profit from increased feerate rather than the total HTLC value was described as illogical due to the nature of fee markets, where miners would otherwise forego transactions paying lower fees. The notion that channels could incur closing costs amounting to a significant percentage of their value in fees was refuted, indicating that such a situation is currently avoidable with proper channel management.
Another point of discussion was the use of Replace-By-Fee (RBF) for fee bumping in commitment transactions. The possibility of using SIGHASH_NOINPUT to sign HTLC refund transactions was highlighted, which could potentially simplify the process by eliminating the need for different sets of HTLC refund transactions corresponding to various commitment transaction feerates.
Lastly, the concept of LN-Symmetry was critiqued, particularly in scenarios lacking mutual trust between parties. The communication underscored the inherent insecurity of attempting to remove justice mechanisms from the Lightning Network. Trust in one's counterparty was deemed essential to prevent them from engaging in manipulative fee strategies.
For more detailed technical insights on these topics, interested readers can refer to the resources available at Peter Todd's website, reachable via the provided email contact 'peter'[:-1]@petertodd.org.