meow21 on Nostr: sender can double spend if recipient is offline once recipient goes online, their ...
sender can double spend if recipient is offline
once recipient goes online, their ecash client communicates with mint, and seeks to 'melt' (redeem in otherwords) the ecash they recieved from sender whilst offline.
Try it out yourself with a second device and go offline before you scan the QR with the ecash.
Double-spend on yourself. It's fun.
Generally speaking there is a trust assumption you make as a user of ecash, when you connect to a mint for the first time as well as when recieving any ecash offline, that you have to accept. All you possess in your client/wallet is a blind signature proof that can be redeemed to a trusted mint for satoshis on Lightning.
If you are online this 'melt' process is quasi-instantenous and with a few taps you can validate the reception of those satoshis by paying an LN invoice to your personal wallet using the ecash client. The newly 'claimed' ecash from the untrusted sender (again just blind signatures) are redeemed to the mint and will fulfill the LN invoice after some routing and usual LN fees. If you have a channel already open between your wallet and the mint (because your trusted it and interacted with it in past) then it's lightning fast...
If you are offline and don't trust the person in front of you... then why connect to a random mint and accept ecash from them for your goods & service? That said if you can convince the sender to connect to your mint (you operate it, on-top of a LN node with liquidity) and have them pay an LN invoice to the mint, then send you the ecash from your own mint... well you could be fully offline and just pass them a URL or .onion to connect and pay the mint (you)... or just give them an onchain address and wait for 6 confs or get them to pay a LN invoice. ecash does not replace Bitcoin or Lightning in this scenario nor is it meant to.
...so yes, you can double spend within an ecash system but as a cat that has most literally spent days with strangers waiting 1+ hours for 6 onchain confirmations to 'be safe of a double spend' or chain reorg I find the ecash tradeoff of trust/risk much easier to grasp and deal with, especially when sending literally 1 satoshi to someone as a tip. The benefits of offline & tx-less sending of ecash which can (with trust assumptions) be redeemed to real-cold-hard sats can't be overlooked in future high-fee times, as well as allowing for a singular satoshi micro-payement systems to be possible. It is all about tradeoffs, and I don't think anyone sane should be trying to settle a 42 bitcorn tx with ecash, but I am going to zap 42 nuts to your nostr address right now for almost no fee.
hope my rant makes sense to you, the double spend potential is a known tradeoff within such systems for years. Who knows maybe some brilliant dev will solve it in future.
once recipient goes online, their ecash client communicates with mint, and seeks to 'melt' (redeem in otherwords) the ecash they recieved from sender whilst offline.
Try it out yourself with a second device and go offline before you scan the QR with the ecash.
Double-spend on yourself. It's fun.
Generally speaking there is a trust assumption you make as a user of ecash, when you connect to a mint for the first time as well as when recieving any ecash offline, that you have to accept. All you possess in your client/wallet is a blind signature proof that can be redeemed to a trusted mint for satoshis on Lightning.
If you are online this 'melt' process is quasi-instantenous and with a few taps you can validate the reception of those satoshis by paying an LN invoice to your personal wallet using the ecash client. The newly 'claimed' ecash from the untrusted sender (again just blind signatures) are redeemed to the mint and will fulfill the LN invoice after some routing and usual LN fees. If you have a channel already open between your wallet and the mint (because your trusted it and interacted with it in past) then it's lightning fast...
If you are offline and don't trust the person in front of you... then why connect to a random mint and accept ecash from them for your goods & service? That said if you can convince the sender to connect to your mint (you operate it, on-top of a LN node with liquidity) and have them pay an LN invoice to the mint, then send you the ecash from your own mint... well you could be fully offline and just pass them a URL or .onion to connect and pay the mint (you)... or just give them an onchain address and wait for 6 confs or get them to pay a LN invoice. ecash does not replace Bitcoin or Lightning in this scenario nor is it meant to.
...so yes, you can double spend within an ecash system but as a cat that has most literally spent days with strangers waiting 1+ hours for 6 onchain confirmations to 'be safe of a double spend' or chain reorg I find the ecash tradeoff of trust/risk much easier to grasp and deal with, especially when sending literally 1 satoshi to someone as a tip. The benefits of offline & tx-less sending of ecash which can (with trust assumptions) be redeemed to real-cold-hard sats can't be overlooked in future high-fee times, as well as allowing for a singular satoshi micro-payement systems to be possible. It is all about tradeoffs, and I don't think anyone sane should be trying to settle a 42 bitcorn tx with ecash, but I am going to zap 42 nuts to your nostr address right now for almost no fee.
hope my rant makes sense to you, the double spend potential is a known tradeoff within such systems for years. Who knows maybe some brilliant dev will solve it in future.