ZmnSCPxj [ARCHIVE] on Nostr: 📅 Original date posted:2022-08-26 📝 Original message: Good morning Rene, > Dear ...
📅 Original date posted:2022-08-26
📝 Original message:
Good morning Rene,
> Dear fellow Lightning Developers,
>
> I was recently on an event where the visitors have been gifted 10k sats on a custodial wallet. They could spend those sats via some web interface and an NFC card. During the event I was contacted by several plebs who were confused about one particular thing:
> It was impossible for them to withdraw the full amount from the service.
>
> Pasting an invoice for 10k sats would not work as the custodial service required a fee budget of 1%. However if people submitted an invoice for 9900 sats the remaining 100 sats were usually not fully required for the fees. Thus the users may have had a leftover of for example 67 sats. Now the problem repeated on the residual amount. While some services seem to have a drain feature for such a situation I find this frustrating and was wondering if we could help directly on a protocol level.
>
> Here is my proposal for a simple solution to this specific problem: `option_recipient_pays_routing_fees`
>
> This would be a new flag in invoices signaling that the recipient is willing to pay for the routing fees by releasing the preimage even if the full amount has not been arrived in htlcs at the recipient.
>
> So the workflow would be the following:
>
> 1. Alice creates an invoice for 10k sats setting the `option_recipient_pays_routing_fees` flag in the invoice and passes it either to custodial user Bob or to her own custodial account.
> 2. The payer parses the invoice and searches for a payment path or payment flow to Alice.
> 3. Because `option_recipient_pays_routing_fee` is set, the onion is not constructed in a way that the final HTLC will be for the amount of 10k sats but rather in a way that the first htlc will be for 10k sats and the following HTLCs will be of decreasing value so that routing nodes are compensated properly.
> 4. When the HTLC(s) arrive at Alice she will release the preimage if and only if not too many sats (e.g. 1% of the amount) are missing. Of course it would be good if the 1% was not hard coded in the protocol / software but configurable by Alice at the time of invoice creation.
>
> I think the main issue with this proposal is that instead of confusing users who wish to drain an account we may now have to educate users about two different invoice types. On the other hand I think this can probably easily be achieved via the current wide spread user interfaces. Of course it may be nice to have folks from the Bitcoin Design community to join this specific part of the discussion.
In theory, trampoline routes / whatever-the-cool-name-is-now should fix this problem as well.
I am referring to that scheme where the invoice contains an onion and a "trampoline" node that is the only node that can decrypt the first layer of the onion.
The sender then has to route to the trampoline node, and the trampoline node then receives the rest of the onion.
In this scheme, the receiver provides an encrypted route from some node to itself.
As the receiver provides the route in order to gain privacy from the sender, the onus is on the receiver to deduct the fees from its received funds.
i.e. the sender is only responsible for paying for fees up to the entry point of the trampoline.
Thus, such a drain requirement simply means that the custodial service has to give its node ID.
Then the receiver finds a route from the custodial service to itself, and encodes that in the trampoline onion, with a direct neighbor of the custodial service node as the trampoline.
The custodial service then does not care about any fees as the receiver decided the route; the receiver knows exactly how much to expect (since it calculated the route).
Of course, it is also possible as you propose, but any level-1-selfish custodial service will then always keep the remaining fee budget and always ensure that the receiver gets 99% of the value (or 100% - whatever_setting_they_chose), paying fees, and keeping the remaining 1% for itself.
The receiver in this case cannot audit the route anyway, and thus cannot determine how much the true fees are; whereas in the trampoline case the route is specifically selected by the receiver.
Regards,
ZmnSCPxj
📝 Original message:
Good morning Rene,
> Dear fellow Lightning Developers,
>
> I was recently on an event where the visitors have been gifted 10k sats on a custodial wallet. They could spend those sats via some web interface and an NFC card. During the event I was contacted by several plebs who were confused about one particular thing:
> It was impossible for them to withdraw the full amount from the service.
>
> Pasting an invoice for 10k sats would not work as the custodial service required a fee budget of 1%. However if people submitted an invoice for 9900 sats the remaining 100 sats were usually not fully required for the fees. Thus the users may have had a leftover of for example 67 sats. Now the problem repeated on the residual amount. While some services seem to have a drain feature for such a situation I find this frustrating and was wondering if we could help directly on a protocol level.
>
> Here is my proposal for a simple solution to this specific problem: `option_recipient_pays_routing_fees`
>
> This would be a new flag in invoices signaling that the recipient is willing to pay for the routing fees by releasing the preimage even if the full amount has not been arrived in htlcs at the recipient.
>
> So the workflow would be the following:
>
> 1. Alice creates an invoice for 10k sats setting the `option_recipient_pays_routing_fees` flag in the invoice and passes it either to custodial user Bob or to her own custodial account.
> 2. The payer parses the invoice and searches for a payment path or payment flow to Alice.
> 3. Because `option_recipient_pays_routing_fee` is set, the onion is not constructed in a way that the final HTLC will be for the amount of 10k sats but rather in a way that the first htlc will be for 10k sats and the following HTLCs will be of decreasing value so that routing nodes are compensated properly.
> 4. When the HTLC(s) arrive at Alice she will release the preimage if and only if not too many sats (e.g. 1% of the amount) are missing. Of course it would be good if the 1% was not hard coded in the protocol / software but configurable by Alice at the time of invoice creation.
>
> I think the main issue with this proposal is that instead of confusing users who wish to drain an account we may now have to educate users about two different invoice types. On the other hand I think this can probably easily be achieved via the current wide spread user interfaces. Of course it may be nice to have folks from the Bitcoin Design community to join this specific part of the discussion.
In theory, trampoline routes / whatever-the-cool-name-is-now should fix this problem as well.
I am referring to that scheme where the invoice contains an onion and a "trampoline" node that is the only node that can decrypt the first layer of the onion.
The sender then has to route to the trampoline node, and the trampoline node then receives the rest of the onion.
In this scheme, the receiver provides an encrypted route from some node to itself.
As the receiver provides the route in order to gain privacy from the sender, the onus is on the receiver to deduct the fees from its received funds.
i.e. the sender is only responsible for paying for fees up to the entry point of the trampoline.
Thus, such a drain requirement simply means that the custodial service has to give its node ID.
Then the receiver finds a route from the custodial service to itself, and encodes that in the trampoline onion, with a direct neighbor of the custodial service node as the trampoline.
The custodial service then does not care about any fees as the receiver decided the route; the receiver knows exactly how much to expect (since it calculated the route).
Of course, it is also possible as you propose, but any level-1-selfish custodial service will then always keep the remaining fee budget and always ensure that the receiver gets 99% of the value (or 100% - whatever_setting_they_chose), paying fees, and keeping the remaining 1% for itself.
The receiver in this case cannot audit the route anyway, and thus cannot determine how much the true fees are; whereas in the trampoline case the route is specifically selected by the receiver.
Regards,
ZmnSCPxj