📅 Original date posted:2021-12-27 📝 Original message: On 12/2/21 21:59, Rusty ...

Matt Corallo [ARCHIVE] /

npub1e46…xmcu

2023-06-09 13:04:32

in reply to nevent1q…8cwd

📅 Original date posted:2021-12-27
📝 Original message:
On 12/2/21 21:59, Rusty Russell wrote:
> Matt Corallo <lf-lists at mattcorallo.com> writes:
> In bolt12, we have the additional problem for the tipping case: each
> invoice contains an amount, so you can't preprint amountless invoices.
> (This plugs a hole in bolt11 for this case, where you get a receipt but
> no amount!).
>
> However, I think the best case is a generic authorization mechanism:
>
> 1. The offer contains a fallback node.
> 2. Fallback either returns you an invoice signed by the node you expect, *or*
> one signed by itself and an authorization from the node you expect.
> 3. The authorization might be only for a particular offer, or amount, or
> have an expiry. *handwave*.
>
> This lets the user choose the trust model they want. The fallback node
> may also provide an onion message notification service when the real
> node comes back, to avoid polling.

Missed this mail, but, right, good point about amounts. Indeed, having cross-signing by the fallback
node seems like a good idea. For the tipping use-case, allowing a BOLT-12 response with no amount
included under the signature seems fine (with a signed amount from the fallback node).

Matt

Author Public Key

npub1e46n428mcyfwznl7nlsf6d3s7rhlwm9x3cmkuqzt3emmdpadmkaqqjxmcu

Show more details

Published at

2023-06-09 13:04:32

Kind type

1 Short Text Note

Event JSON

{ "id": "13a2139f70488fef107b8d86f3da2b0c56b7ec9021f71db6581dbfc9c2c6160a", "pubkey": "cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba", "created_at": 1686315872, "kind": 1, "tags": [ [ "e", "feb2d8d7e4369d6cffbe54fc07683415bb851bc528f5d33c0e80bc48691bb5d2", "", "root" ], [ "e", "0c722698768283f3862853cc1a6e159909c420836ff635f67e371101451da1b2", "", "reply" ], [ "p", "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425" ] ], "content": "📅 Original date posted:2021-12-27\n📝 Original message:\nOn 12/2/21 21:59, Rusty Russell wrote:\n\u003e Matt Corallo \u003clf-lists at mattcorallo.com\u003e writes:\n\u003e In bolt12, we have the additional problem for the tipping case: each\n\u003e invoice contains an amount, so you can't preprint amountless invoices.\n\u003e (This plugs a hole in bolt11 for this case, where you get a receipt but\n\u003e no amount!).\n\u003e \n\u003e However, I think the best case is a generic authorization mechanism:\n\u003e \n\u003e 1. The offer contains a fallback node.\n\u003e 2. Fallback either returns you an invoice signed by the node you expect, *or*\n\u003e one signed by itself and an authorization from the node you expect.\n\u003e 3. The authorization might be only for a particular offer, or amount, or\n\u003e have an expiry. *handwave*.\n\u003e \n\u003e This lets the user choose the trust model they want. The fallback node\n\u003e may also provide an onion message notification service when the real\n\u003e node comes back, to avoid polling.\n\nMissed this mail, but, right, good point about amounts. Indeed, having cross-signing by the fallback \nnode seems like a good idea. For the tipping use-case, allowing a BOLT-12 response with no amount \nincluded under the signature seems fine (with a signed amount from the fallback node).\n\nMatt", "sig": "3ee34a4c8116c8887633e39faab79340ffaa10e5dfed29848856d431aaca2e1b0f308b728f9ebb7cce1bad26d5947c34d4a83dede3acfaaad3de8f5939a91ef3" }