[bitcoin-dev] A thought experiment on bitcoin for payroll privacy

[ZmnSCPxj]

Good morning Mr. Lee,


> Permanent raises can justify permanently increasing the size of the channel with the employee.

On reflection, this is a bad idea.

Suppose I am a cut-throat employee and I want to have an idea of the bi-weekly salary of another employee.

I make some stupid bet, and lose, with the other employee.
I offer to pay the loss of my bet via Lightning, and the other employee, in all innocence, issues a Lightning invoice to me.

The Lightning invoice contains the actual node ID of the other employee.
And since I also have a channel with the cut-throat company, I know as well the node ID of the cut-throat company.

I can then look at the gossiped channels and see the size of the channel between the cut-throat company and the other employee, and from there, guess that this is the bi-weekly salary of that employee.

On the other hand --- once the employee has *any* funds at all, they can similarly take an offchain-to-onchain swap, and then use the funds to create another channel to another part of the network.
The other employee as well can arrange incoming funds on that other channel by using offchain-to-onchain swaps to their cold storage.
Thus, as an employee gets promoted and pulls a larger bi-weekly salary, the channel with the cut-throat company becomes less and less an indicator of their *actual* bi-weekly salary, and there is still some deniability on the exact size of the salary.

At the same time, even if I know the node of the other employee, the size of all its channels is also still not a very accurate indicator of their salary at the throat-cutting company.
For example, it could be a family node, and the other employee and all her or his spouses arrange to have their salaries paid to that node.
Or the other employee can also run a neck-reconstruction business on the side, and also use the same node.
(Nodelets for the win?)

Regards,
ZmnSCPxj