Return-Path: <joseph@lightning.network>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 0D5DA409
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 11 Aug 2015 04:18:09 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pa0-f49.google.com (mail-pa0-f49.google.com
	[209.85.220.49])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 88722222
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 11 Aug 2015 04:18:08 +0000 (UTC)
Received: by pabyb7 with SMTP id yb7so120837607pab.0
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Mon, 10 Aug 2015 21:18:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=lightning.network; s=google;
	h=date:from:to:cc:subject:message-id:references:mime-version
	:content-type:content-disposition:in-reply-to;
	bh=JyAa36SUZsUuXlupEKxvvhphnLURYLwu45+ho7N5gZw=;
	b=S99/NLUL1yQcOof4UwCblGij//r139SttZHCGf8iBSWEKdkt15UF209Z3S72qONZBT
	/OcQW2K1+QZi2MoWUfOVZ68z3npH3uimJzNuVDYynz1PRcS/16ag3xImx1VStnEQJi/X
	lPDFseSaYTNroVWws26qB+Zyo+pkbmK1qAY3o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:date:from:to:cc:subject:message-id:references
	:mime-version:content-type:content-disposition:in-reply-to;
	bh=JyAa36SUZsUuXlupEKxvvhphnLURYLwu45+ho7N5gZw=;
	b=gj98GqtusRh/m7cQn+qezCpQebuXszj6jRsIyP7czwhZsH9xZMrihkjRMcxV1UzSvY
	rWaNjA4SXfzFM8obbnG7DmbqWhJUAU1wiZLW1KiNlJ0wAJXQvazw1hXErlYJNVo27TaS
	jfOznAgPfj4IAUhRDGlVqdb9+rwhSq9PEAibHoUY8yimdaoxZFgm0V2MY1ZWBksnpvXN
	FtV/jhxDst3w7tZBjrm9ZQ/6JueDsriVX+WbhMvuFrd/sEZoNBoeqqEDKS1gbynb5Zpm
	eUkfp1rCSmBO6tKyU0G+lKkY4NTv1aFGTEVB+99H9Cb+B3/85BhOErv20NCw66INKFW1
	YetA==
X-Gm-Message-State: ALoCoQmP2xrc2iDHLiWHvmGwvRHTPuchMN3kq2S19KYXxPU6qVEUqXjOruudj7Wp5RFfobnPOGor
X-Received: by 10.66.138.16 with SMTP id qm16mr53352653pab.29.1439266688014;
	Mon, 10 Aug 2015 21:18:08 -0700 (PDT)
Received: from localhost ([209.141.33.28])
	by smtp.gmail.com with ESMTPSA id bd5sm644191pbb.85.2015.08.10.21.18.07
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 10 Aug 2015 21:18:07 -0700 (PDT)
Date: Mon, 10 Aug 2015 21:17:53 -0700
From: Joseph Poon <joseph@lightning.network>
To: Benjamin <benjamin.l.cordes@gmail.com>
Message-ID: <20150811041736.GA21351@lightning.network>
References: <8185694.hShCHQnpze@coldstorage>
	<CALqxMTHpXymxg6ATcMM3gm73gww5tznzNsY5quNbRpzsnxS53g@mail.gmail.com>
	<20150808085451.4689995.38052.4163@thomaszander.se>
	<CAOoPuRYk_R+kyfyrROcL8y9Bdfq7ufsyXSH_Uva2GPGcK_jwkA@mail.gmail.com>
	<55C5E31A.2090508@sky-ip.org>
	<CAOoPuRbTtr1Mu1MtvJ_j0Gp9kt4O=dOLrUwgp82H-smAbwqrOg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAOoPuRbTtr1Mu1MtvJ_j0Gp9kt4O=dOLrUwgp82H-smAbwqrOg@mail.gmail.com>
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] trust
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 04:18:09 -0000

Hi Benjamin,

On Sat, Aug 08, 2015 at 02:01:58PM +0200, Benjamin via bitcoin-dev wrote:
> How do you know who is who online? 

If a node is not online, then the payment can be cancelled and
re-routed.

> If Alice and Bob want to transact and haven't exchanged keys before
> they need public-key infrastructure out-of-band to identify
> themselves. Which means they are using SSL and Certificate authorities
> and trust them. 

Lightning doesn't solve the key exchange problem (perhaps something like
Namecoin will help in the future). Bitcoin faces this problem today. How
do you know the bitcoin address belongs to the recipient without
trusting CAs? What if, in the case of the majority of bitcoin payments
today, the bitcoin address was not signed and the recipient claimed to
have never received their funds? There should be signed proof of payment
in every transaction for this reason.

> If you have non-cooperative hubs they could flood the network and make
> it unusable. And why should hubs cooperate? There are no incentives in
> the system.

There are some incentives towards keeping the system functional via
fees. If you attempt to flood the system, you'll likely be paying some
fees -- someone running a node will not interpret it as an attack, as
they're getting some money (probabably substantially higher as they will
increase fees to ensure network availability).

I agree that it's very important to think through varius attack models.

-- 
Joseph Poon