[Lightning-dev] Onion routing strawman proposal
Rusty Russell
rusty at rustcorp.com.au
Tue Oct 6 01:48:11 UTC 2015
Anthony Towns <aj at erisian.com.au> writes:
> On Fri, Oct 02, 2015 at 03:18:39PM +0930, Rusty Russell wrote:
> Question:
>
> - I think this means lightning nodes are identified by the
> full 512 bit (or 257 bit?) public key used for routing -- (ie,
> knowing the HASH160 of the pubkey isn't enough, unlike in normal
> bitcoin pay2pubkey transactions).
Yes, since you need to encrypt to it, you need the full pubkey.
> - I think you can still use different keys for routing and
> anchors/commitments so far. (Using the anchor transaction to turn
> your routing id into a beacon would probably change that though)
Yes, that's still TBD.
>From the other email:
> - AES128 just uses the first half of the calculated enckey, iv and
> pad_iv
True.
> - since libsecp256k1 already sha256s the ecdh secret; the hmac/enckey/etc
> end up being sha256'ed twice (with a byte added in between). confused
> me for a minute.
I didn't notice that. Perhaps this is somewhere we should optimize?
Cheers,
Rusty.
PS. Message size of 128 bytes is completely made up, as is 20 hops. We
might want to reduce to 96 or 64 bytes.
More information about the Lightning-dev
mailing list