David A. Harding [ARCHIVE] on Nostr: 📅 Original date posted:2020-11-28 📝 Original message: On Thu, Nov 26, 2020 at ...
📅 Original date posted:2020-11-28
📝 Original message:
On Thu, Nov 26, 2020 at 11:40:46PM +0200, Gleb Naumenko wrote:
>
> Hello list,
Gleb and Antoine,
This is an interesting idea! Thank you for working on it.
I had difficulty with one part of the proposal:
> #### Should we allow holding *any* Bitcoins (not just LN channels) for Stake Certificates?
>
> [...] we believe that allowing any UTXO would give an attacker more
> opportunities to use their cold funds for this attack, or even have a
> secondary market where holders sell their proofs (they have nothing to
> loose).
Can't a malicious user get around this restriction by opening channels
with themself? (Also, aren't current channel open outputs just P2WSH
2-of-2 multisigs, and in the future won't they be generic P2TR outputs?
How would a stake certificate prove that the UTXO was generated for LN
rather than just belonging to a user with a 2-of-2 multisig wallet or
any key-path-spendable taproot wallet?)
According to some random website, the current total channel balance of
the public LN is about 1,000 BTC. Although I'm sure this will grow with
time, it seems to me that an attacker who can rent access to stake
certificates for a one-week attack at, say, a 5% annual interest rate
would only need to pay 1 BTC to acquire stake certificates equal to all
honest users at present. That cost doesn't seem high enough to me to
effectively prevent attacks. Am I missing something?
Thanks,
-Dave
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20201128/9e9c7884/attachment.sig>;
📝 Original message:
On Thu, Nov 26, 2020 at 11:40:46PM +0200, Gleb Naumenko wrote:
>
> Hello list,
Gleb and Antoine,
This is an interesting idea! Thank you for working on it.
I had difficulty with one part of the proposal:
> #### Should we allow holding *any* Bitcoins (not just LN channels) for Stake Certificates?
>
> [...] we believe that allowing any UTXO would give an attacker more
> opportunities to use their cold funds for this attack, or even have a
> secondary market where holders sell their proofs (they have nothing to
> loose).
Can't a malicious user get around this restriction by opening channels
with themself? (Also, aren't current channel open outputs just P2WSH
2-of-2 multisigs, and in the future won't they be generic P2TR outputs?
How would a stake certificate prove that the UTXO was generated for LN
rather than just belonging to a user with a 2-of-2 multisig wallet or
any key-path-spendable taproot wallet?)
According to some random website, the current total channel balance of
the public LN is about 1,000 BTC. Although I'm sure this will grow with
time, it seems to me that an attacker who can rent access to stake
certificates for a one-week attack at, say, a 5% annual interest rate
would only need to pay 1 BTC to acquire stake certificates equal to all
honest users at present. That cost doesn't seem high enough to me to
effectively prevent attacks. Am I missing something?
Thanks,
-Dave
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20201128/9e9c7884/attachment.sig>;