delvingbitcoin
Combined summary - Privately sending payments while offline with BOLT12
The proposal presented in the GitHub pull request aims to enhance security within the Bitcoin Lightning Network by establishing a standard for secure communication between remote nodes and high-uptime home nodes through BOLT8.
It emphasizes the pairing of remote nodes with hardware wallets, such as Ledger and Coldcard, to improve both ease of use and security for users managing their nodes remotely. By standardizing control messages, the initiative seeks to streamline and secure remote interactions, proposing a framework that could significantly elevate the user experience in managing Bitcoin Lightning Network operations.
The discussion also delves into the differences between custodial and non-custodial liquidity service providers (LSPs). Custodial LSPs are highlighted for their ability to simplify transactions and enhance security for users by managing funds on their behalf. This model is particularly appealing to newcomers or those prioritizing convenience, despite the inherent risks of entrusting assets to a third party. Conversely, non-custodial LSPs offer users full control over their assets, aligning with blockchain's decentralization principles. This approach reduces reliance on third parties and mitigates some security concerns but requires users to be more technologically adept to securely manage their assets. The choice between custodial and non-custodial services ultimately depends on individual preferences for convenience versus control, underscoring a fundamental trade-off in the digital asset space.
Additionally, the proposal outlines an encrypted data transfer method for payments using onion-message paths, enhancing transaction security and efficiency. This method enables secure message transmission, such as update_add_htlc
, across onion-message paths, facilitating remote control of transactions without compromising security. The proposed standards aim to improve transaction processes by allowing high-uptime payees to assist payers in contacting their LSP or home node via BOLT8 tunnels created over onion messages. This approach broadens system applicability, catering to varied payment scenarios and enhancing user-friendliness.
A novel payment authorization concept is introduced, focusing on enabling secure and efficient transactions without direct internet connectivity on the payer's device. Pre-computed identifiers and keys stored on the mobile device allow for offline transactions at points of sale, through a process that ensures privacy and simplifies technology requirements. This system is compatible with existing point of sale devices and wallets, offering a secure alternative to current methods. A critical adjustment to BOLT12 is suggested to verify the match between invoice_request
and the received invoice
, enhancing trust and reducing computational burdens on nodes. This modification would facilitate a more scalable and secure transaction process, showcasing the potential for integration into various payment platforms, including smart cards.