From cjp at ultimatestunts.nl Tue Sep 1 19:48:38 2015 From: cjp at ultimatestunts.nl (CJP) Date: Tue, 01 Sep 2015 21:48:38 +0200 Subject: [Lightning-dev] Loop attack with onion routing.. In-Reply-To: References: <874mjujyqe.fsf@rustcorp.com.au> <1440870652.4197.88.camel@hppg6.kloosterkade> <1440957679.5747.48.camel@hppg6.kloosterkade> <1441091250.4549.25.camel@hppg6.kloosterkade> Message-ID: <1441136918.5280.13.camel@hppg6.kloosterkade> Anthony Towns schreef op di 01-09-2015 om 17:56 [+1000]: > On 1 September 2015 at 17:07, CJP wrote: > > Anthony Towns schreef op di 01-09-2015 om 07:08 [+1000]: > > On 31 August 2015 at 04:01, CJP > wrote: > > > A - b - c - D - e - F - g - H > No. H just tells A he can route this particular transaction to > D. A > doesn't know H. > > > ?That doesn't make sense to me -- if A doesn't know H, how can H tell > A anything? Sorry, that must have been confusing. The way I see it (and the way it's implemented in Amiko Pay), payer and payee (A and H in the scenario) have a direct communication link between each other (temporary, for the duration of the payment), to coordinate the payment. They exchange things like the hash of R, the to-be-paid amount and the address of the meeting point (D). Currently, it's a normal TCP connection, so they know each others' IP address, but I guess that, even without changes to the Amiko Pay code, you could run Amiko Pay as a TOR hidden service (payer connects to payee, so payee has to be the hidden service). Or they could meet each other physically (without knowing each other), and communicate over a temporary link (WiFi, Bluetooth or something else). There is no technical reason why they should know each others' identity, IP address or any routable address on the Lightning / Amiko network. I guess your further questions followed from this issue. Is it all clear now? CJP >