[Lightning-dev] Loop attack with onion routing..

CJP cjp at ultimatestunts.nl
Tue Sep 1 19:48:38 UTC 2015


Anthony Towns schreef op di 01-09-2015 om 17:56 [+1000]:
> On 1 September 2015 at 17:07, CJP <cjp at ultimatestunts.nl> wrote:
> 
>         Anthony Towns schreef op di 01-09-2015 om 07:08 [+1000]:
>         > On 31 August 2015 at 04:01, CJP <cjp at ultimatestunts.nl>
>         wrote:
>         >         >         A - b - c - D - e - F - g - H
>         No. H just tells A he can route this particular transaction to
>         D. A
>         doesn't know H.
> 
> 
> ​That doesn't make sense to me -- if A doesn't know H, how can H tell
> A anything?

Sorry, that must have been confusing.

The way I see it (and the way it's implemented in Amiko Pay), payer and
payee (A and H in the scenario) have a direct communication link between
each other (temporary, for the duration of the payment), to coordinate
the payment. They exchange things like the hash of R, the to-be-paid
amount and the address of the meeting point (D).

Currently, it's a normal TCP connection, so they know each others' IP
address, but I guess that, even without changes to the Amiko Pay code,
you could run Amiko Pay as a TOR hidden service (payer connects to
payee, so payee has to be the hidden service). Or they could meet each
other physically (without knowing each other), and communicate over a
temporary link (WiFi, Bluetooth or something else).

There is no technical reason why they should know each others' identity,
IP address or any routable address on the Lightning / Amiko network.

I guess your further questions followed from this issue. Is it all clear
now?

CJP

> 




More information about the Lightning-dev mailing list