From ZmnSCPxj at protonmail.com Tue Nov 13 12:52:56 2018
From: ZmnSCPxj at protonmail.com (ZmnSCPxj)
Date: Tue, 13 Nov 2018 12:52:56 +0000
Subject: [Lightning-dev] Offline Lightning-enabled Vending Machines
Message-ID:

Good morning list,

During the summit, it was asked about an actual application problem for vending machines without any secret keys (so that hackers of vending machines cannot steal money from the machine). It was quite very satisfactorily solved by one of us, and I thought it would be best shared and recorded for posterity (as it was not recorded in the wiki).

The problem:

1. There exists a vending machine which must be offline and not contain any secret keys, in order to prevent theft from the machine. As the machine is not under direct control of the owner of the machine, it is better if the attack surface is reduced.
2. The owner of the vending machine (who is selling the product) has a separate, probably singular, Lightning node to receive payments.

The solution:

1. Each vending machine contains a fixed number of hashes, as well as invoice signatures (signed by the owner Lightning node) corresponding to each hash. The number of hashes must at least equal the number of product for sale. The description of the product as well as the invoice price is fixed (after all, Bitcoin must be our unit of account). (for vending machines supporting multiple product types, simply multiply this table by the number of different product types)
2. Each hash has a 1-bit flag, initially 0. This flag is set to 1 when the hash has been claimed.
3. When a customer requests to purchase a product, the machine searches for a hash whose flag is 0. It generates the invoice (concatenating the description and price, and filling in the payment hash and invoice signature) and gives it to the customer.
4. The customer pays as normal. The vending machine owner node receives this payment and releases the preimage as proof-of-payment.
5. The customer gives the preimage to the machine, via QR code or via short-range radio technology such as Bluetooth or NFC.
6. The machine checks the preimage, computes its hash, and checks if it is in the list of hashes. If so, and the claim flag is not set, it sets the flag and releases the product.
   OPEN PROBLEM: If product release fails due to mechanical failure, there is no way to easily refund the payment.
7. When replenishing the supply of product to the vending machine, the supply of hashes can also be replenished by the owner of the vending machine.

Regards,
ZmnSCPxj
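
Added example, not part of the original post: a sketch of the machine-side state from steps 2, 3 and 6, showing that the machine needs only the payment hashes and their claim flags to decide whether to release product. The names `MachineState`, `next_unclaimed`, `redeem` and `demo` are hypothetical, the sample preimages are constructed, and it assumes the usual Lightning convention of a 32-byte preimage whose SHA-256 is the payment hash.

```python
import hashlib

PREIMAGE_LEN = 32  # assumption: 32-byte preimage, payment hash = SHA-256(preimage)


class MachineState:
    """What the offline machine stores: payment hashes and claim flags, no secret keys."""

    def __init__(self, payment_hashes):
        # Step 2: every hash starts with its 1-bit flag at 0 (False).
        self.claimed = {h: False for h in payment_hashes}

    def next_unclaimed(self):
        """Step 3: find a hash whose flag is still 0, or None if none is left."""
        return next((h for h, used in self.claimed.items() if not used), None)

    def redeem(self, preimage):
        """Step 6: hash the preimage, look it up, then check and set the flag."""
        if len(preimage) != PREIMAGE_LEN:
            return "reject: malformed preimage"
        h = hashlib.sha256(preimage).digest()
        if h not in self.claimed:
            return "reject: unknown hash"
        if self.claimed[h]:
            return "reject: already claimed"
        self.claimed[h] = True  # flag is set, then the product is released
        return "release product"


def demo():
    # Constructed sample data. On the owner's node the preimages would be
    # random secrets; only their hashes are ever loaded into the machine.
    preimages = [hashlib.sha256(b"constructed-%d" % i).digest() for i in range(2)]
    machine = MachineState([hashlib.sha256(p).digest() for p in preimages])
    return [
        machine.redeem(preimages[0]),   # customer who paid the invoice
        machine.redeem(preimages[0]),   # same preimage presented again
        machine.redeem(b"\x00" * 32),   # well-formed preimage not in the table
        machine.redeem(b"short"),       # wrong length
        machine.next_unclaimed() == hashlib.sha256(preimages[1]).digest(),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```
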