From ZmnSCPxj at protonmail.com Mon Aug 28 13:34:44 2023 From: ZmnSCPxj at protonmail.com (ZmnSCPxj) Date: Mon, 28 Aug 2023 13:34:44 +0000 Subject: [Lightning-dev] Nucleus: Capital-efficient multipeer Lightning payment channels In-Reply-To: <63f9bf77-867b-ce29-2935-4a70dc22b0f1@onionmail.org> References: <1a7beeccda2a78d635554d13bfa091d6@dtrt.org> <1a7c7373-5511-d5f4-4aa9-8c19c3c0303d@onionmail.org> <63f9bf77-867b-ce29-2935-4a70dc22b0f1@onionmail.org> Message-ID: Good morning Mr Nuclear, > You are correct that the design relies on the honest majority assumption. > However, I disagree that it restricts the usability of the proposal, > due to the following considerations. > > 1. Any distributed system consensus, including bitcoin PoW consensus, > relies on the same (honest majority) or a stronger (hones 2/3) assumption; > and for some cases even 1/3 can break the consensus conditions (like with > selfish mining); so the untrusted peer networks are not something which > by definition requires stronger guarantees. The major difference here is that for PoW, it is impossible to create a "sybil attack" where you only need to spin up multiple nodes on AWS containers, each with its own identity. For PoW, every such node requires its own continuous hashpower; on Lightning, each such node can be generated by simply incrementing a 256-bit number. Thus, the honest majority assumption can **only** be relied on if you have ***some*** sybil-resistance. PoW *is* the sybil-resistance that Bitcoin uses. In short: you can only reason "I think, therefore I am", but you cannot from there derive that others exist; you MUST assume that there are only two entities: yourself, and the rest of the universe. Without any sybil-resistance mechanism, it is entirely possible for me to run multiple nodes, then vote you out of your funds. There is a reason why every non-custodial trust-minimized multiparticipant offchain mechanism requires n-of-n. Regards, ZmnSCPxj