lightning-dev

OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely

OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely

Original Postby Peter Todd

Posted on: October 21, 2023 10:31 UTC

The email discusses a clever idea that aims to prevent a specific attack.

However, it is pointed out that this idea does not actually prevent the attack. The situation is described where there was originally one person, Carol, who could perform the attack, but with the implementation of the new idea, an unlimited number of Carols can now perform the attack and benefit from it if they are miners. This puts Bob in a position where he may not learn about the preimage in time and therefore fail to redeem the received HTLC output.

From Carol's perspective, the situation remains relatively unchanged. They can still attempt to spend the offered HTLC output after the redeemed HTLC output times out, and whether or not they fail because Bob received a refund or someone else spent the offered HTLC output via the anyone-can-spend path is not relevant to Carol.

It is also mentioned that this solution is inferior to another solution called OP_Expire in an important way. With OP_Expire, once the HTLC preimage branch has expired, Bob can spend the offered HTLC output at their convenience because they are the only party with the ability to do so. On the other hand, with the full-RBF (Replace-By-Fee) feature, anyone can run the code on behalf of miners, with some exceptions due to RBF anti-DoS (Denial-of-Service) rules. It is noted that people are already using this feature to manipulate signature-less ordinal transactions.

The email includes a link to Peter Todd's website (https://petertodd.org), which provides more information on the topic.