[bitcoin-dev] trust
Joseph Poon
joseph at lightning.network
Tue Aug 11 04:17:53 UTC 2015
Hi Benjamin,
On Sat, Aug 08, 2015 at 02:01:58PM +0200, Benjamin via bitcoin-dev wrote:
> How do you know who is who online?
If a node is not online, then the payment can be cancelled and
re-routed.
> If Alice and Bob want to transact and haven't exchanged keys before
> they need public-key infrastructure out-of-band to identify
> themselves. Which means they are using SSL and Certificate authorities
> and trust them.
Lightning doesn't solve the key exchange problem (perhaps something like
Namecoin will help in the future). Bitcoin faces this problem today. How
do you know the bitcoin address belongs to the recipient without
trusting CAs? What if, in the case of the majority of bitcoin payments
today, the bitcoin address was not signed and the recipient claimed to
have never received their funds? There should be signed proof of payment
in every transaction for this reason.
> If you have non-cooperative hubs they could flood the network and make
> it unusable. And why should hubs cooperate? There are no incentives in
> the system.
There are some incentives towards keeping the system functional via
fees. If you attempt to flood the system, you'll likely be paying some
fees -- someone running a node will not interpret it as an attack, as
they're getting some money (probabably substantially higher as they will
increase fees to ensure network availability).
I agree that it's very important to think through varius attack models.
--
Joseph Poon
More information about the bitcoin-dev
mailing list