From lee.chiffre at secmail.pro Tue Jul 14 02:58:13 2020 From: lee.chiffre at secmail.pro (Mr. Lee Chiffre) Date: Tue, 14 Jul 2020 02:58:13 -0000 Subject: [Lightning-dev] Lightning - Is HTLC vulnerable? And mention of Channel Factories In-Reply-To: References: Message-ID: <6443d6fb7ba06151b8a4ff4914761471.squirrel@giyzk7o6dcunb2ry.onion> Sorry. Re-sending with correction to CC bitcoin-dev I am sorry if this was already brought up in previous threads. If I know lightning network correctly then HTLC is used to enforce settlements on blockchain if there is a dispute. Could a person lose money if their HTLC does not get confirmed in the timeframe or if an older HTLC gets confirmed first? I see different ways this could happen. One, if the blockchain is very saturated with other transactions. The reason we need lightning network is why it might have troubles with settlements? Two, competition from a different conflicting HTLC. A newer HTLC might not get confirmed before an older HTL. Three, denial of service the lightning router so they never have a chance to send a settlement HTLC. I found out about a recent attack technique that sounds like it might be similar called "flood and loot". Is this a concern on lightning network? I humbly say that I do not fully understand all of lightning network yet. I am working to grasp the idea. These are questions I look to find answer for. Another question I have. I did read the paper Scalable Funding of Bitcoin Micropayment Channel Networks. Would channel factories be better and eliminate my concern? I am sending this to lightning-dev mailing list. I do not see lightning-dev emails because google recaptcha blocks me from the subscribe. Please CC me if you reply so I can read it. -- lee.chiffre at secmail.pro PGP 97F0C3AE985A191DA0556BCAA82529E2025BDE35