From andrea.raspitzu at acinq.fr Thu Jan 3 12:40:16 2019 From: andrea.raspitzu at acinq.fr (Andrea RASPITZU) Date: Thu, 3 Jan 2019 13:40:16 +0100 Subject: [Lightning-dev] Reuse of payment_hash in lightning invoices Message-ID: Good morning list, I wanted to know your thoughts about the reuse of payment_hash in lightning invoices, currently BOLT11 uses as example a donation invoice which seems to be "permanent" i.e the payment_hash isn't changing after having received a donation.I believe the reuse of known payment_hash is a security issue because an intermediary node routing a donation for the second time already knows the preimage, thus it can decide to pull the htlc from downstream without actually forwarding it to upstream (can respond with a htlc_fulfill). For example a malicious receiver can provide an invoice with assisted routes where among those he/she controls a node and that node won't forward to the htlc but steal the funds instead (the preimage is known to the intermediate node as well), thus it will be claimed that the payment hasn't been received. If the above is correct then there should be at least a warning in the spec regarding the reuse of payment_hash in invoices. Cheers, Andrea. -------------- next part -------------- An HTML attachment was scrubbed... URL: