Return-Path: Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id B8BC9C0032 for ; Tue, 7 Nov 2023 11:12:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 9C10161392 for ; Tue, 7 Nov 2023 11:12:10 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 9C10161392 Authentication-Results: smtp3.osuosl.org; dkim=pass (2048-bit key) header.d=protonmail.com header.i=@protonmail.com header.a=rsa-sha256 header.s=protonmail3 header.b=J21y4ZJX X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.599 X-Spam-Level: X-Spam-Status: No, score=-1.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TPbi5a7-YzG4 for ; Tue, 7 Nov 2023 11:12:09 +0000 (UTC) Received: from mail-40130.protonmail.ch (mail-40130.protonmail.ch [185.70.40.130]) by smtp3.osuosl.org (Postfix) with ESMTPS id 45AA461388 for ; Tue, 7 Nov 2023 11:12:09 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 45AA461388 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1699355527; x=1699614727; bh=uig3cHZwy8EEt7LRCUj639oHg0eVzbK/UyhuICUci4g=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=J21y4ZJXNpkFKUx7izn39Zcq9gdI/8NDPmZa/oB+E9nJMFz/VNr7f3BeIc43/TLDQ uJN6u6ChYhmWAkArP5jkChMJ2oBG/DITm/1bsJJHScFk6U5yRWKaKSkyaNnrC9+ZoN CvRVs4jI51AS6M0HIyRd2xK0njTZhiQHcfwWwdjgXtXMGfPqXnfPTUVlqaVSGEAsMK ON5FSa/LFK4hy6398p1wHUyWUVkA0COBW9hVcPeaEleGZS59pMygrg2VjANBo4NzDK 5BA/+UK0RFjqngPRgBWj26W/EsKzxXgh4nLn9k+7TG4GHJRrsgwK8GzK3j2ujkvx27 5bIiEA8SfAluw== Date: Tue, 07 Nov 2023 11:11:59 +0000 To: Antoine Riard From: ZmnSCPxj Message-ID: In-Reply-To: References: Feedback-ID: 2872618:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: Bitcoin Protocol Discussion , "lightning-dev\\\\\\\\@lists.linuxfoundation.org" , security@ariard.me Subject: Re: [bitcoin-dev] [Lightning-dev] OP_Expire and Coinbase-Like Behavior: Making HTLCs Safer by Letting Transactions Expire Safely X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Nov 2023 11:12:10 -0000 Good morning Antoine, > Once the HTLC is committed on the Bob-Caroll link, Caroll releases the pr= eimage off-chain to Bob with an `update_fulfill_htlc` message, though Bob d= oes _not_ send back his signature for the updated channel state. >=20 > Some blocks before 100, Caroll goes on-chain to claim the inbound HTLC ou= tput with the preimage. Her commitment transaction propagation in network m= empools is systematically "replaced cycled out" by Bob. I think this is impossible? In this scenario, there is an HTLC offered by Bob to Carol. Prior to block 100, only Carol can actually create an HTLC-success transact= ion. Bob cannot propagate an HTLC-timeout transaction because the HTLC timelock = says "wait till block 100". Neither can Bob replace-recycle out the commitment transaction itself, beca= use the commitment transaction is a single-input transaction, whose sole in= put requires a signature from Bob and a signature from Carol --- obviously = Carol will not cooperate on an attack on herself. So as long as Carol is able to get the HTLC-success transaction confirmed b= efore block 100, Bob cannot attack. Of course, once block 100 is reached, `OP_EXPIRE` will then mean that Carol= cannot claim the fund anymore. Regards, ZmnSCPxj